diff options
| author | drebs <drebs@riseup.net> | 2011-03-12 18:04:39 -0300 |
|---|---|---|
| committer | drebs <drebs@riseup.net> | 2011-03-12 18:04:39 -0300 |
| commit | 6d0cc2a36b1718a737bc88f08d7101eb101ee00b (patch) | |
| tree | 5837ae00ae6dbba38454958ab78ca1a76da532ca /manifests | |
| parent | c250722de28cf556005b0d4103854d13cf781b56 (diff) | |
| download | puppet-bootstrap-6d0cc2a36b1718a737bc88f08d7101eb101ee00b.tar.gz puppet-bootstrap-6d0cc2a36b1718a737bc88f08d7101eb101ee00b.tar.bz2 | |
refactoring stages
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/admin-stage2.pp | 14 | ||||
| -rw-r--r-- | manifests/admin.pp | 13 | ||||
| -rw-r--r-- | manifests/admin_node.pp | 14 | ||||
| -rw-r--r-- | manifests/config.pp | 1 | ||||
| -rw-r--r-- | manifests/default-conf.pp | 315 | ||||
| -rw-r--r-- | manifests/default_conf.pp | 293 | ||||
| -rw-r--r-- | manifests/firewall.pp | 21 | ||||
| -rw-r--r-- | manifests/gitosis.pp | 4 | ||||
| -rw-r--r-- | manifests/host-stage2.pp | 9 | ||||
| -rw-r--r-- | manifests/puppet_bootstrap.pp | 32 | ||||
| -rw-r--r-- | manifests/puppetmasterd.pp | 33 | ||||
| -rw-r--r-- | manifests/stage1.pp | 5 |
12 files changed, 396 insertions, 358 deletions
diff --git a/manifests/admin-stage2.pp b/manifests/admin-stage2.pp new file mode 100644 index 0000000..4d81bfb --- /dev/null +++ b/manifests/admin-stage2.pp @@ -0,0 +1,14 @@ +import "config.pp" +import "git" + +include default_conf +include git + +# puppet config +package { [ "puppet", "puppetmaster" ]: ensure => installed, } + +service { "puppetmaster": + ensure => stopped, + require => Package["puppetmaster"] +} + diff --git a/manifests/admin.pp b/manifests/admin.pp deleted file mode 100644 index 24da2d4..0000000 --- a/manifests/admin.pp +++ /dev/null @@ -1,13 +0,0 @@ -import "config.pp" -import "nodo" - -nodo::vserver::instance { "$host-master": - context => '2', - puppetmaster => true, -} - -host { "puppet": - ensure => present, - ip => "192.168.0.2", - host_aliases => [ "puppet.$domain", "admin" ], -} diff --git a/manifests/admin_node.pp b/manifests/admin_node.pp new file mode 100644 index 0000000..364a900 --- /dev/null +++ b/manifests/admin_node.pp @@ -0,0 +1,14 @@ +import "nodo" + +class admin_node { + nodo::vserver::instance { "$host-master": + context => '2', + puppetmaster => true, + } + + host { "puppet": + ensure => present, + ip => "192.168.0.2", + host_aliases => [ "puppet.$domain", "admin" ], + } +} diff --git a/manifests/config.pp b/manifests/config.pp index bc637f8..e4e9021 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -7,4 +7,3 @@ $first_user_email = "usermail" $puppet_bootstrap_tmpdir = "/tmp/puppet-bootstrap" $puppet_dir = "/var/local/puppet" -$default_puppet_conf_dir = "$puppet_dir/default-conf" diff --git a/manifests/default-conf.pp b/manifests/default-conf.pp deleted file mode 100644 index 9c6cd71..0000000 --- a/manifests/default-conf.pp +++ /dev/null @@ -1,315 +0,0 @@ -import "config.pp" - -$templates_dir = "$puppet_bootstrap_tmpdir/templates" - -# puppet config -package { [ "puppet", "puppetmaster" ]: ensure => installed, } - -service { "puppetmaster": - ensure => stopped, - require => Package["puppetmaster"] -} - -# reference to admin vserver -host { "$hostname": - ensure => present, - ip => "127.0.0.1", - host_aliases => [ "$hostname.$domain", "puppet.$domain", "puppet", "admin" ], -} - -# puppet submodules script -file { "/usr/local/sbin/puppet-bootstrap": - owner => "root", - group => "root", - mode => 0755, - ensure => present, - require => Package["puppet"], - content => template("$templates_dir/bin/puppet-bootstrap"), -} - -# execute the bootstrap script to download puppet modules -exec { "/usr/local/sbin/puppet-bootstrap add-submodules": - user => root, - require => [ File["/usr/local/sbin/puppet-bootstrap"], File["$default_puppet_conf_dir/modules"] ], - timeout => 600, -} - -# directories -file { ["$puppet_dir", "$default_puppet_conf_dir"]: - ensure => directory, - owner => "puppet", - group => "puppet", - mode => 0755, - require => Package["puppet"], -} - -file { [ "$default_puppet_conf_dir/files", - "$default_puppet_conf_dir/manifests", - "$default_puppet_conf_dir/modules", - "$default_puppet_conf_dir/manifests/classes", - "$default_puppet_conf_dir/manifests/nodes" ]: - ensure => directory, - owner => "puppet", - group => "puppet", - mode => 0755, - require => File["$default_puppet_conf_dir"], -} - - - -# files in $default_puppet_conf_dir -file { "$default_puppet_conf_dir/puppet.conf": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => Package["puppet"], - content => template("$templates_dir/puppet/puppet.conf.erb"), -} - -file { "$default_puppet_conf_dir/fileserver.conf": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => Package["puppet"], - content => template("$templates_dir/puppet/fileserver.conf.erb"), -} - -file { "$default_puppet_conf_dir/auth.conf": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => Package["puppet"], - content => template("$templates_dir/puppet/auth.conf.erb"), -} - -# files in $default_puppet_conf_dir/manifests -file { "$default_puppet_conf_dir/manifests/site.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ], - content => template("$templates_dir/puppet/site.pp.erb"), -} - -file { "$default_puppet_conf_dir/manifests/modules.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ], - content => template("$templates_dir/puppet/modules.pp.erb"), -} - -file { "$default_puppet_conf_dir/manifests/nodes.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ], - content => template("$templates_dir/puppet/nodes.pp.erb"), -} - -# files in $default_puppet_conf_dir/manifests/classes -file { "$default_puppet_conf_dir/manifests/classes/websites.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/classes"] ], - content => template("$templates_dir/puppet/websites.pp.erb"), -} - -file { "$default_puppet_conf_dir/manifests/classes/users.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/classes"] ], - content => template("$templates_dir/puppet/users.pp.erb"), -} - -# files in $default_puppet_conf_dir/manifests/nodes -file { "$default_puppet_conf_dir/manifests/nodes/$hostname-server.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], - content => template("$templates_dir/puppet/server.pp.erb"), -} - -file { "$default_puppet_conf_dir/manifests/nodes/$hostname-master.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], - content => template("$templates_dir/puppet/master.pp.erb"), -} - -file { "$default_puppet_conf_dir/manifests/nodes/$hostname-proxy.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], - content => template("$templates_dir/puppet/proxy.pp.erb"), -} - -file { "$default_puppet_conf_dir/manifests/nodes/$hostname-web.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], - content => template("$templates_dir/puppet/web.pp.erb"), -} - -file { "$default_puppet_conf_dir/manifests/nodes/$hostname-storage.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], - content => template("$templates_dir/puppet/storage.pp.erb"), -} - -file { "$default_puppet_conf_dir/manifests/nodes/$hostname-test.pp": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], - content => template("$templates_dir/puppet/test.pp.erb"), -} - - -# files in $default_puppet_conf_dir/files -file { [ "$default_puppet_conf_dir/files/etc", - "$default_puppet_conf_dir/files/etc/nginx", - "$default_puppet_conf_dir/files/etc/nagios3", - "$default_puppet_conf_dir/files/postfix", - "$default_puppet_conf_dir/files/apache", - "$default_puppet_conf_dir/files/apache/vhosts", - "$default_puppet_conf_dir/files/apache/htdocs", - "$default_puppet_conf_dir/files/apache/htdocs/images", - "$default_puppet_conf_dir/files/keys", - "$default_puppet_conf_dir/files/keys/ssl", - "$default_puppet_conf_dir/files/shorewall" ]: - ensure => directory, - owner => "puppet", - group => "puppet", - mode => 0755, -} - -file { "$default_puppet_conf_dir/files/apache/htdocs/images/README.html": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs/images"] ], - content => template("$templates_dir/apache/htdocs/images/README.html.erb"), -} - -file { "$default_puppet_conf_dir/files/apache/htdocs/index.html": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs"] ], - content => template("$templates_dir/apache/htdocs/index.html.erb"), -} - -file { "$default_puppet_conf_dir/files/apache/htdocs/missing.html": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs"] ], - content => template("$templates_dir/apache/htdocs/missing.html.erb"), -} - -file { "$default_puppet_conf_dir/files/apache/vhosts/git": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], - content => template("$templates_dir/apache/vhosts/git.erb"), -} - -file { "$default_puppet_conf_dir/files/apache/vhosts/lists": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], - content => template("$templates_dir/apache/vhosts/lists.erb"), -} - -file { "$default_puppet_conf_dir/files/apache/vhosts/mail": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], - content => template("$templates_dir/apache/vhosts/mail.erb"), -} - -file { "$default_puppet_conf_dir/files/apache/vhosts/nagios": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], - content => template("$templates_dir/apache/vhosts/nagios.erb"), -} - -file { "$default_puppet_conf_dir/files/apache/vhosts/wiki": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], - content => template("$templates_dir/apache/vhosts/wiki.erb"), -} - -file { "$default_puppet_conf_dir/files/etc/aliases": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc"] ], - content => template("$templates_dir/etc/aliases.erb"), -} - -file { "$default_puppet_conf_dir/files/etc/nagios3/htpasswd.users": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc/nagios3"] ], - content => template("$templates_dir/etc/nagios3/htpasswd.users.erb"), -} - -file { "$default_puppet_conf_dir/files/etc/nginx/$domain": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc/nginx"] ], - content => template("$templates_dir/etc/nginx/domain.erb"), -} - -file { "$default_puppet_conf_dir/files/postfix/tls_policy": - ensure => present, - owner => "puppet", - group => "puppet", - mode => 0644, - require => [ Package["puppet"], File["$default_puppet_conf_dir/files/postfix"] ], - content => template("$templates_dir/postfix/tls_policy.erb"), -} diff --git a/manifests/default_conf.pp b/manifests/default_conf.pp new file mode 100644 index 0000000..d1ef7c5 --- /dev/null +++ b/manifests/default_conf.pp @@ -0,0 +1,293 @@ +class default_conf { + + $templates_dir = "$puppet_bootstrap_tmpdir/templates" + $default_puppet_conf_dir = "$puppet_dir/default-conf" + + # reference to admin vserver + host { "$hostname": + ensure => present, + ip => "127.0.0.1", + host_aliases => [ "$hostname.$domain", "puppet.$domain", "puppet", "admin" ], + } + + + # directories + file { ["$puppet_dir", "$default_puppet_conf_dir"]: + ensure => directory, + owner => "puppet", + group => "puppet", + mode => 0755, + require => Package["puppet"], + } + + file { [ "$default_puppet_conf_dir/files", + "$default_puppet_conf_dir/manifests", + "$default_puppet_conf_dir/modules", + "$default_puppet_conf_dir/manifests/classes", + "$default_puppet_conf_dir/manifests/nodes" ]: + ensure => directory, + owner => "puppet", + group => "puppet", + mode => 0755, + require => File["$default_puppet_conf_dir"], + } + + + + # files in $default_puppet_conf_dir + file { "$default_puppet_conf_dir/puppet.conf": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => Package["puppet"], + content => template("$templates_dir/puppet/puppet.conf.erb"), + } + + file { "$default_puppet_conf_dir/fileserver.conf": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => Package["puppet"], + content => template("$templates_dir/puppet/fileserver.conf.erb"), + } + + file { "$default_puppet_conf_dir/auth.conf": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => Package["puppet"], + content => template("$templates_dir/puppet/auth.conf.erb"), + } + + # files in $default_puppet_conf_dir/manifests + file { "$default_puppet_conf_dir/manifests/site.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ], + content => template("$templates_dir/puppet/site.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/modules.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ], + content => template("$templates_dir/puppet/modules.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests"] ], + content => template("$templates_dir/puppet/nodes.pp.erb"), + } + + # files in $default_puppet_conf_dir/manifests/classes + file { "$default_puppet_conf_dir/manifests/classes/websites.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/classes"] ], + content => template("$templates_dir/puppet/websites.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/classes/users.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/classes"] ], + content => template("$templates_dir/puppet/users.pp.erb"), + } + + # files in $default_puppet_conf_dir/manifests/nodes + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-server.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/server.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-master.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/master.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-proxy.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/proxy.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-web.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/web.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-storage.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/storage.pp.erb"), + } + + file { "$default_puppet_conf_dir/manifests/nodes/$hostname-test.pp": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/manifests/nodes"] ], + content => template("$templates_dir/puppet/test.pp.erb"), + } + + + # files in $default_puppet_conf_dir/files + file { [ "$default_puppet_conf_dir/files/etc", + "$default_puppet_conf_dir/files/etc/nginx", + "$default_puppet_conf_dir/files/etc/nagios3", + "$default_puppet_conf_dir/files/postfix", + "$default_puppet_conf_dir/files/apache", + "$default_puppet_conf_dir/files/apache/vhosts", + "$default_puppet_conf_dir/files/apache/htdocs", + "$default_puppet_conf_dir/files/apache/htdocs/images", + "$default_puppet_conf_dir/files/keys", + "$default_puppet_conf_dir/files/keys/ssl", + "$default_puppet_conf_dir/files/shorewall" ]: + ensure => directory, + owner => "puppet", + group => "puppet", + mode => 0755, + } + + file { "$default_puppet_conf_dir/files/apache/htdocs/images/README.html": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs/images"] ], + content => template("$templates_dir/apache/htdocs/images/README.html.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/htdocs/index.html": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs"] ], + content => template("$templates_dir/apache/htdocs/index.html.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/htdocs/missing.html": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/htdocs"] ], + content => template("$templates_dir/apache/htdocs/missing.html.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/git": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/git.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/lists": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/lists.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/mail": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/mail.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/nagios": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/nagios.erb"), + } + + file { "$default_puppet_conf_dir/files/apache/vhosts/wiki": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/apache/vhosts"] ], + content => template("$templates_dir/apache/vhosts/wiki.erb"), + } + + file { "$default_puppet_conf_dir/files/etc/aliases": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc"] ], + content => template("$templates_dir/etc/aliases.erb"), + } + + file { "$default_puppet_conf_dir/files/etc/nagios3/htpasswd.users": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc/nagios3"] ], + content => template("$templates_dir/etc/nagios3/htpasswd.users.erb"), + } + + file { "$default_puppet_conf_dir/files/etc/nginx/$domain": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/etc/nginx"] ], + content => template("$templates_dir/etc/nginx/domain.erb"), + } + + file { "$default_puppet_conf_dir/files/postfix/tls_policy": + ensure => present, + owner => "puppet", + group => "puppet", + mode => 0644, + require => [ Package["puppet"], File["$default_puppet_conf_dir/files/postfix"] ], + content => template("$templates_dir/postfix/tls_policy.erb"), + } +} diff --git a/manifests/firewall.pp b/manifests/firewall.pp index 10f5988..124bb07 100644 --- a/manifests/firewall.pp +++ b/manifests/firewall.pp @@ -1,12 +1,15 @@ -import "config.pp" import "shorewall" -shorewall::rule { "ssh-02": - action => 'DNAT', - source => 'net', - destination => "vm:192.168.0.$context:22", - proto => 'tcp', - destinationport => "22$id", - ratelimit => '-', - order => "202", +class firewall { + include shorewall + + shorewall::rule { "ssh-02": + action => 'DNAT', + source => 'net', + destination => "vm:192.168.0.$context:22", + proto => 'tcp', + destinationport => "22$id", + ratelimit => '-', + order => "202", + } } diff --git a/manifests/gitosis.pp b/manifests/gitosis.pp deleted file mode 100644 index 14bd1dc..0000000 --- a/manifests/gitosis.pp +++ /dev/null @@ -1,4 +0,0 @@ -import "config.pp" -import "git" - -include gitosis diff --git a/manifests/host-stage2.pp b/manifests/host-stage2.pp new file mode 100644 index 0000000..0750542 --- /dev/null +++ b/manifests/host-stage2.pp @@ -0,0 +1,9 @@ +import "config.pp" +import "admin_node.pp" +import "firewall.pp" + +# creates vserver for administrative node +include admin_node + +# creates firewall rules for administrative node's external acess +include firewal diff --git a/manifests/puppet_bootstrap.pp b/manifests/puppet_bootstrap.pp new file mode 100644 index 0000000..f094dd7 --- /dev/null +++ b/manifests/puppet_bootstrap.pp @@ -0,0 +1,32 @@ +class puppet_bootstrap { + + # puppet-bootstrap script + file { "/usr/local/sbin/puppet-bootstrap": + owner => "root", + group => "root", + mode => 0755, + ensure => present, + require => Package["puppet"], + content => template("$templates_dir/bin/puppet-bootstrap"), + } + + define puppet_modules($modules_dir) { + + # directory to download modules + file { "$modules_dir": + ensure => directory, + owner => "puppet", + group => "puppet", + mode => 0755, + } + + # execute the bootstrap script to download puppet modules + exec { "/usr/local/sbin/puppet-bootstrap add-submodules": + user => root, + require => [ File["/usr/local/sbin/puppet-bootstrap"], File["$modules_dir"] ], + timeout => 600, + } + + } + +} diff --git a/manifests/puppetmasterd.pp b/manifests/puppetmasterd.pp index 64aaa04..5aaebb7 100644 --- a/manifests/puppetmasterd.pp +++ b/manifests/puppetmasterd.pp @@ -1,20 +1,21 @@ -import "config.pp" +class puppetmasterd { -package { "puppetmaster": ensure => installed, } + package { "puppetmaster": ensure => installed, } -# updates the puppet configuration dir with git repositories -# every 5 minutes. -cron { puppet-conf: - command => "git --git-dir=/etc/puppet/.git/ pull /var/git/repositories/puppet.git master && \ - git --git-dir=/etc/puppet/.git/ --work-tree=/etc/puppet/ checkout -f", - user => root, - hour => '*', - minute => '*/5', - ensure => present, -} + # updates the puppet configuration dir with git repositories + # every 5 minutes. + cron { puppet-conf: + command => "git --git-dir=/etc/puppet/.git/ pull /var/git/repositories/puppet.git master && \ + git --git-dir=/etc/puppet/.git/ --work-tree=/etc/puppet/ checkout -f", + user => root, + hour => '*', + minute => '*/5', + ensure => present, + } -# runs the service -service { "puppetmasterd": - ensure => stopped, - depends => Package["puppetmaster"], + # runs the service + service { "puppetmasterd": + ensure => stopped, + depends => Package["puppetmaster"], + } } diff --git a/manifests/stage1.pp b/manifests/stage1.pp new file mode 100644 index 0000000..6c67ded --- /dev/null +++ b/manifests/stage1.pp @@ -0,0 +1,5 @@ +import "config.pp" +import "puppet_bootstrap.pp" + +include puppet_bootstrap +puppet_modules("$puppet_bootstrap_tmpdir/modules") |