path: root/manifests/vserver
diff options
authorSilvio Rhatto <rhatto@riseup.net>2015-09-11 21:45:31 -0300
committerSilvio Rhatto <rhatto@riseup.net>2015-09-11 21:45:31 -0300
commite209b337264437e5762d2dd7376bbffeb1790d46 (patch)
tree7db7701108d766537454d39d86d46c98eb9edb43 /manifests/vserver
parent76ec4642be1a8bc64380c077a5890c4d0f4243e0 (diff)
Move nas and vm definitions into subsystems
Diffstat (limited to 'manifests/vserver')
1 files changed, 0 insertions, 205 deletions
diff --git a/manifests/vserver/instance.pp b/manifests/vserver/instance.pp
deleted file mode 100644
index 23cebb1..0000000
--- a/manifests/vserver/instance.pp
+++ /dev/null
@@ -1,205 +0,0 @@
-# Define a vserver instance
-define nodo::vserver::instance(
- $context,
- $distro = 'squeeze',
- $ensure = 'running',
- $proxy = false,
- $puppetmaster = false,
- $gitd = false,
- $mail = false,
- $icecast = false,
- $sound = false,
- $tor = false,
- $ticket = false,
- $memory_limit = false,
- $dns = false,
- $jabber = false,
- $mumble = false,
- $gobby = false,
- $yacy = false,
- $rsync = false,
- $avahi = false,
- $munin_port = false,
- $monkeysphere_ssh_port = false
-) {
- # Instance id
- if $context <= 9 {
- $id = "0$context"
- } else {
- $id = $context
- }
- # Puppetmaster ssl port
- case $puppetmaster_port {
- '': { $puppetmaster_port = "8140" }
- }
- # Set puppetmaster non-ssl port
- case $puppetmaster_nonssl_port {
- '': { $puppetmaster_nonssl_port = "8141" }
- }
- # Tor port
- case $tor_port {
- '': { $tor_port = "9001" }
- }
- $dev = hiera('nodo::vserver::interface', 'eth0')
- virtual::vserver { $name:
- ensure => $ensure,
- context => "$context",
- mark => 'default',
- distro => $distro,
- interface => "${dev}:192.168.0.${context}/24",
- hostname => "$name.$domain",
- memory_limit => $memory_limit,
- }
- # Some nodes need a lot of space at /tmp otherwise some admin
- # tasks like backups might not run.
- file { "/etc/vservers/${name}/fstab":
- source => [ "puppet:///modules/site_nodo/etc/fstab/vserver/$name",
- "puppet:///modules/nodo/etc/fstab/vserver" ],
- owner => "root",
- group => "root",
- mode => 0644,
- ensure => present,
- notify => Exec["vs_restart_${name}"],
- require => Exec["vs_create_${name}"],
- }
- # Create a munin virtual resource to be realized in the node
- @@nodo::subsystem::monitor::munin { "${name}":
- port => $munin_port ? {
- false => "49$id",
- default => $munin_port,
- }
- }
- # Create a monkeysphere virtual resource to be realized in the node
- @@nodo::subsystem::monkeysphere { "$name":
- port => $monkeysphere_ssh_port ? {
- false => "22$id",
- default => $monkeysphere_ssh_port,
- }
- }
- # Sound support
- if $sound {
- if !defined(File["/usr/local/sbin/create-sound-devices"]) {
- file { "/usr/local/sbin/create-sound-devices":
- ensure => present,
- source => "puppet:///modules/nodo/sound/devices.sh",
- owner => root,
- group => root,
- mode => 755,
- }
- }
- exec { "/usr/local/sbin/create-sound-devices ${name}":
- unless => "/usr/local/sbin/create-sound-devices ${name} --check",
- user => root,
- require => [ Exec["vs_create_${name}"], File["/usr/local/sbin/create-sound-devices"] ],
- }
- }
- # Apply firewall rules just for running vservers
- case $ensure {
- 'running': {
- firewall::vserver::ssh { "$name":
- destination => "192.168.0.$context",
- port_orig => "22$id",
- port_dest => "22",
- }
- firewall::vserver::munin { "$name":
- destination => "192.168.0.$context",
- port_orig => "49$id",
- port_dest => "49$id",
- }
- if $proxy {
- class {
- "firewall::vserver::http": destination => "192.168.0.$context";
- "firewall::vserver::https": destination => "192.168.0.$context";
- }
- }
- if $puppetmaster {
- class {
- "firewall::vserver::puppetmaster":
- destination => "192.168.0.$context",
- puppetmaster_port => $puppetmaster_port,
- puppetmaster_nonssl_port => $puppetmaster_nonssl_port,
- }
- }
- if $gitd {
- class {
- "firewall::vserver::gitd": destination => "192.168.0.$context";
- }
- }
- if $icecast {
- class {
- "firewall::vserver::icecast": destination => "192.168.0.$context";
- }
- }
- if $mail {
- class {
- "firewall::vserver::mail": destination => "192.168.0.$context";
- }
- }
- if $dns {
- class {
- "firewall::vserver::dns": destination => "192.168.0.$context";
- }
- }
- if $tor {
- class {
- "firewall::vserver::tor": destination => "192.168.0.$context";
- }
- }
- if $jabber {
- class {
- "firewall::vserver::jabber": destination => "192.168.0.$context";
- }
- }
- if $mumble {
- class {
- "firewall::vserver::mumble": destination => "192.168.0.$context";
- }
- }
- if $gobby {
- class {
- "firewall::vserver::gobby": destination => "192.168.0.$context";
- }
- }
- if $yacy {
- class {
- "firewall::vserver::yacy": destination => "192.168.0.$context";
- }
- }
- if $rsync {
- class {
- "firewall::vserver::rsync": destination => "192.168.0.$context";
- }
- }
- if $avahi {
- class {
- "firewall::vserver::mdns": destination => "192.168.0.$context";
- }
- }
- }
- }