aboutsummaryrefslogtreecommitdiff
path: root/manifests/nodo.pp
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2013-04-13 17:19:51 -0300
committerSilvio Rhatto <rhatto@riseup.net>2013-04-13 17:19:51 -0300
commit23720254e0e298f24858dabdf1a233e17ef759e8 (patch)
tree586aa4cc68250ec6623d1b1601b53def386675a1 /manifests/nodo.pp
parent7fb6adec51e060f32ff0392840a65280f9f15345 (diff)
downloadpuppet-nodo-23720254e0e298f24858dabdf1a233e17ef759e8.tar.gz
puppet-nodo-23720254e0e298f24858dabdf1a233e17ef759e8.tar.bz2
Moving some code to a base class
Diffstat (limited to 'manifests/nodo.pp')
-rw-r--r--manifests/nodo.pp152
1 files changed, 2 insertions, 150 deletions
diff --git a/manifests/nodo.pp b/manifests/nodo.pp
index 3502c23..50b74b8 100644
--- a/manifests/nodo.pp
+++ b/manifests/nodo.pp
@@ -1,154 +1,6 @@
class nodo {
- include lsb
- include nodo::subsystem::sudo
- include nodo::subsystem::motd
- include nodo::subsystem::locales
- include nodo::subsystem::profile
- include nodo::utils
- include tunnel::autossh
- include domain_check
- include users::admin
- include concat::setup
- include cron
-
- class { 'nodo::subsystem::hosts': }
-
- # Include if not defined by nodo::master
- if !defined(Class['puppet::daemon']) {
- class { 'puppet::daemon': }
- }
-
- #
- # Backup
- #
- class { 'backup': }
-
- $local_backup = hiera('nodo::backup::localhost', false)
-
- # Local encrypted backup
- case $local_backup {
- true,enabled,present: {
- backup::duplicity { "localhost":
- encryptkey => hiera('nodo::backup::encryptkey'),
- password => hiera('nodo::backup::password'),
- }
- }
- absent: {
- backup::duplicity { "localhost":
- encryptkey => hiera('nodo::backup::encryptkey'),
- password => hiera('nodo::backup::password'),
- ensure => absent,
- }
- }
- default: { }
- }
-
- # Does not work well inside vservers
- class { 'runit': ensure => absent }
-
- # Email delivery configuration
- $mail_delivery = hiera('nodo::mail_delivery', 'exim')
- case $mail_delivery {
- 'tunnel': {
- $mail_hostname = hiera('nodo::mail_hostname')
- tunnel::autossh::mail { "$mail_hostname":
- sshport => hiera('nodo::mail_ssh_port'),
- }
- }
- 'postfix': { }
- '','exim',default: { include exim::tls }
- }
-
- #
- # Apt configuration
- #
- class { 'apt':
- include_src => hiera('nodo::apt_include_src', false),
- use_next_release => hiera('nodo::apt_use_next_release', false),
- custom_key_dir => hiera('nodo::apt_custom_key_dir', 'puppet:///modules/site_apt/keys.d')
- }
-
- include apt::unattended_upgrades
-
- $apt_domain_source = hiera('nodo::apt_domain_source', false)
-
- apt::sources_list { "${::domain}.list":
- source => [ "puppet:///modules/site_apt/sources.list.d/${::operatingsystem}/${::lsbdistcodename}/${::domain}.list",
- "puppet:///modules/site_apt/sources.list.d/${::operatingsystem}/${::domain}.list", ],
- ensure => $apt_domain_source ? {
- true => present,
- default => absent,
- }
- }
-
- # Preferences file can't have dots in the filename
- $apt_domain_preferences = regsubst($::domain, '\.', '-', 'G')
-
- file { "/etc/apt/preferences.d/${apt_domain_preferences}":
- source => [ "puppet:///modules/site_apt/preferences.d/${::operatingsystem}/${::domain}",
- "puppet:///modules/nodo/preferences.d/custom" ],
- ensure => $apt_domain_source ? {
- true => present,
- default => absent,
- }
- }
-
- $apt_proxy = hiera('nodo::apt_proxy', false)
-
- if $apt_proxy != false {
- class { 'apt::proxy_client':
- proxy => $apt_proxy,
- port => hiera('nodo::apt_proxy_port', ''),
- }
- }
-
- package { 'apt-transport-https':
- ensure => present,
- }
-
- # SSH Server
- #
- # We need to restrict listen address by default so multiple
- # instances can live together in the same physical host.
- #
- class { 'sshd':
- manage_nagios => hiera('nodo::sshd_manage_nagios', false),
- listen_address => hiera('nodo::sshd_listen_address', [ "${::ipaddress}", '127.0.0.1' ]),
- password_authentication => hiera('nodo::sshd_password_authentication', 'yes'),
- shared_ip => hiera('nodo::sshd_shared_ip', 'yes'),
- tcp_forwarding => hiera('nodo::sshd_tcp_forwarding', 'yes'),
- hardened_ssl => hiera('nodo::sshd_hardened_ssl', 'yes'),
- print_motd => hiera('nodo::sshd_print_motd', 'no'),
- ports => hiera('nodo::sshd_ports', [ 22 ]),
- use_pam => hiera('nodo::sshd_use_pam', 'no'),
- }
-
- # Add the localhost ssh key, useful when one needs
- # to ssh to localhost.
- sshkey { [ 'localhost', '127.0.0.1' ]:
- type => ssh-rsa,
- key => $::sshrsakey,
- ensure => $::sshrsakey ? {
- '' => absent,
- default => present,
- },
- }
-
- file { "/etc/hostname":
- owner => "root",
- group => "root",
- mode => 0644,
- ensure => present,
- content => "${::fqdn}\n",
- }
-
- file { "/etc/rc.local":
- source => "puppet:///modules/nodo/etc/rc.local",
- owner => "root",
- group => "root",
- mode => 0755,
- ensure => present,
- }
+ # Include base class
+ include nodo::base
# Include role class
if defined("nodo::role::${::role}") {