From d6d256a293da043076351c62146228ed5bd4dfbc Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 7 May 2020 20:58:21 -0300 Subject: Hiera 5 migration --- manifests/base/host.pp | 2 +- manifests/base/physical.pp | 2 +- manifests/base/virtual.pp | 2 +- manifests/init.pp | 23 ++++++++----- manifests/resources.pp | 28 ++++++++-------- manifests/role/mumble.pp | 4 +-- manifests/role/nas.pp | 38 +++++++++++----------- manifests/role/web.pp | 6 ++-- manifests/role/yacy.pp | 2 +- manifests/subsystem/backup.pp | 14 ++++---- manifests/subsystem/dhclient.pp | 6 ++-- manifests/subsystem/hosts.pp | 2 +- manifests/subsystem/mail.pp | 6 ++-- manifests/subsystem/media.pp | 2 +- manifests/subsystem/media/folders.pp | 8 ++--- manifests/subsystem/monkeysphere.pp | 4 +-- manifests/subsystem/motd.pp | 4 +-- manifests/subsystem/nas/share.pp | 12 +++---- manifests/subsystem/resolver.pp | 8 ++--- manifests/subsystem/scanner.pp | 2 +- manifests/subsystem/scanner/client.pp | 2 +- manifests/subsystem/screen/startup.pp | 8 ++--- manifests/subsystem/sshd.pp | 2 +- manifests/subsystem/sysctl/appliance.pp | 2 +- manifests/subsystem/sysctl/disable_ipv6.pp | 2 +- .../subsystem/sysctl/tcp_challenge_ack_limit.pp | 2 +- manifests/subsystem/udev/network.pp | 2 +- manifests/utils/java.pp | 2 +- manifests/utils/multimedia.pp | 2 +- 29 files changed, 102 insertions(+), 97 deletions(-) diff --git a/manifests/base/host.pp b/manifests/base/host.pp index 96c2e63..6e71f98 100644 --- a/manifests/base/host.pp +++ b/manifests/base/host.pp @@ -14,7 +14,7 @@ class nodo::base::host { class { 'firewall': } # Time - $ntpdate = hiera('nodo::host::ntpdate', true) + $ntpdate = lookup('nodo::host::ntpdate', undef, undef, true) case $ntpdate { false: { class { 'ntp::timezone': } } default: { class { 'ntp::ntpdate': } } diff --git a/manifests/base/physical.pp b/manifests/base/physical.pp index 8c3b1c4..936a21f 100644 --- a/manifests/base/physical.pp +++ b/manifests/base/physical.pp @@ -1,5 +1,5 @@ class nodo::base::physical inherits nodo::base::host { - $smartmontools = hiera('nodo::smartmontools', true) + $smartmontools = lookup('nodo::smartmontools', undef, undef, true) if $smartmontools == true { class { 'smartmontools': } diff --git a/manifests/base/virtual.pp b/manifests/base/virtual.pp index c532620..0e107c0 100644 --- a/manifests/base/virtual.pp +++ b/manifests/base/virtual.pp @@ -10,6 +10,6 @@ class nodo::base::virtual { } nodo::subsystem::monkeysphere { "${::hostname}": - port => hiera('nodo::virtual::ssh_port', '22'), + port => lookup('nodo::virtual::ssh_port', undef, undef, '22'), } } diff --git a/manifests/init.pp b/manifests/init.pp index adbaebc..5baee4d 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -3,29 +3,34 @@ # class nodo( - $role = 'default', - $location = 'default', + $role = $::role, ) { # Default execution path Exec { path => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" } # Fileserver backup - filebucket { server: server => hiera('puppet::daemon::server', "puppet.${::domain}") } + filebucket { server: server => lookup('puppet::daemon::server', undef, undef, "puppet.${::domain}") } File { backup => server } # Include base class include nodo::base + $nodo_role = $role ? { + '' => 'default', + default => $role, + } + # Include role class - if defined("nodo::role::${role}") { - class { "nodo::role::${role}": } + if defined("nodo::role::${nodo_role}") { + class { "nodo::role::${nodo_role}": } } # Include additional classes - $classes = hiera('classes', false) - if $classes != false { - hiera_include('classes') - } + #$classes = lookup('classes', undef, undef, false) + #if $classes != false { + # hiera_include('classes') + #} + lookup('classes', { merge => unique }).include # Declare resources class { "nodo::resources": } diff --git a/manifests/resources.pp b/manifests/resources.pp index 5c014fb..8fe188f 100644 --- a/manifests/resources.pp +++ b/manifests/resources.pp @@ -5,58 +5,58 @@ class nodo::resources { } # Packages - $packages = hiera('packages', {}) + $packages = lookup('packages', undef, undef, {}) create_resources('package', $packages) # Files - $files = hiera('files', {}) + $files = lookup('files', undef, undef, {}) create_resources('file', $files) # File lines - $file_lines = hiera('file_lines', {}) + $file_lines = lookup('file_lines', undef, undef, {}) create_resources('file_line', $file_lines) # Virtual machines - $vms = hiera('virtual::machines', {}) + $vms = lookup('virtual::machines', undef, undef, {}) create_resources('nodo::subsystem::virtual::instance', $vms) # Users - $users = hiera('users', {}) + $users = lookup('users', undef, undef, {}) create_resources('user::manage', $users) # Backup users - $backup_users = hiera('backup::users', {}) + $backup_users = lookup('backup::users', undef, undef, {}) create_resources('backup::user', $backup_users) # Cron entries - $cron = hiera('cron::jobs', {}) + $cron = lookup('cron::jobs', undef, undef, {}) create_resources('cron', $cron) # Hosts - $hosts = hiera('hosts', {}) + $hosts = lookup('hosts', undef, undef, {}) create_resources('host', $hosts) # Nginx entries - $nginx = hiera('nginx::sites', {}) + $nginx = lookup('nginx::sites', undef, undef, {}) create_resources('nginx::site', $nginx) # SSH keys - $sshkeys = hiera('sshkeys', {}) + $sshkeys = lookup('sshkeys', undef, undef, {}) create_resources('sshkey', $sshkeys) # SSH Authorized keys - $ssh_authorized_keys = hiera('ssh_authorized_keys', {}) + $ssh_authorized_keys = lookup('ssh_authorized_keys', undef, undef, {}) create_resources('ssh_authorized_key', $ssh_authorized_keys) # PaX flags - $pax = hiera('nodo::subsystem::grsec::paxctl', {}) + $pax = lookup('nodo::subsystem::grsec::paxctl', undef, undef, {}) create_resources('nodo::subsystem::grsec::paxctl', $pax) # Exec - $execs = hiera('execs', {}) + $execs = lookup('execs', undef, undef, {}) create_resources('exec', $execs) # Repositories - $vcsrepos = hiera('vcsrepos', {}) + $vcsrepos = lookup('vcsrepos', undef, undef, {}) create_resources('vcsrepo', $vcsrepos) } diff --git a/manifests/role/mumble.pp b/manifests/role/mumble.pp index c9b26f2..3765dab 100644 --- a/manifests/role/mumble.pp +++ b/manifests/role/mumble.pp @@ -1,9 +1,9 @@ class nodo::role::mumble inherits nodo::base::virtual { class { 'mumble::ssl': - config_content => hiera('mumble::config_content'), + config_content => lookup('mumble::config_content'), } - $ecdhforce = hiera('nodo::role::mumble::ecdhforce', false) + $ecdhforce = lookup('nodo::role::mumble::ecdhforce', undef, undef, false) if $ecdhforce == true { include mumble::ecdhforce diff --git a/manifests/role/nas.pp b/manifests/role/nas.pp index 7eecbe3..a24ef77 100644 --- a/manifests/role/nas.pp +++ b/manifests/role/nas.pp @@ -31,14 +31,14 @@ class nodo::role::nas( # http://lists.freedesktop.org/archives/avahi/2006-July/000824.html # http://cups.org/documentation.php/doc-1.6/ref-cupsd-conf.html#BrowseLocalProtocols # http://www.dns-sd.org/ServiceTypes.html - $avahi = hiera('nodo::role::nas::avahi', false) + $avahi = lookup('nodo::role::nas::avahi', undef, undef, false) if $avahi == true { include avahi } # DLNA - $dlna = hiera('nodo::role::nas::dlna', false) + $dlna = lookup('nodo::role::nas::dlna', undef, undef, false) if $dlna == true { # See https://wiki.archlinux.org/index.php/MiniDLNA#Automatic_Media_DB_Update @@ -71,7 +71,7 @@ class nodo::role::nas( # http://git.puppet.immerda.ch/?p=module-nfsd.git;a=summary # http://wiki.debian.org/NFSServerSetup # http://www.tldp.org/HOWTO/NFS-HOWTO/ - $nfs = hiera('nodo::role::nas::nfs', false) + $nfs = lookup('nodo::role::nas::nfs', undef, undef, false) if $nfs == true { # Main class @@ -88,7 +88,7 @@ class nodo::role::nas( # https://forum.openwrt.org/viewtopic.php?id=12976 # http://download.pureftpd.org/pub/pure-ftpd/doc/FAQ # http://www.massimilianomarini.com/04/02/2012/how-follow-symbolic-links-pure-ftpd - $ftp = hiera('nodo::role::nas::ftp', false) + $ftp = lookup('nodo::role::nas::ftp', undef, undef, false) if $ftp == true { # Main class @@ -132,15 +132,15 @@ class nodo::role::nas( # http://www.linuxplanet.com/linuxplanet/tutorials/6600/2 # http://forums.fedoraforum.org/showthread.php?t=260519 # http://randombio.com/linuxsetup38.html - $samba = hiera('nodo::role::nas::samba', false) + $samba = lookup('nodo::role::nas::samba', undef, undef, false) if $samba == true { # Main class class { 'samba::server': - workgroup => hiera('nodo::samba::workgroup', 'WORKGROUP'), - server_string => hiera('nodo::samba::server_string', 'Samba Server'), - interfaces => hiera('nodo::samba::interfaces', 'lo eth0'), - security => hiera('nodo::samba::security', 'user'), + workgroup => lookup('nodo::samba::workgroup', undef, undef, 'WORKGROUP'), + server_string => lookup('nodo::samba::server_string', undef, undef, 'Samba Server'), + interfaces => lookup('nodo::samba::interfaces', undef, undef, 'lo eth0'), + security => lookup('nodo::samba::security', undef, undef, 'user'), preferred_master => 'yes', printing => 'cups', printcap_name => 'cups', @@ -153,7 +153,7 @@ class nodo::role::nas( # http://linux-igd.sourceforge.net/documentation.php samba::server::option { # Remote announce won't work since routers don't forward broadcast traffic - #'remote announce': value => hiera('nodo::samba::remote_announce', ''); + #'remote announce': value => lookup('nodo::samba::remote_announce', undef, undef, ''); 'wins support': value => 'yes'; 'domain master': value => 'yes'; } @@ -191,7 +191,7 @@ class nodo::role::nas( # https://github.com/camptocamp/puppet-lighttpd # https://github.com/example42/puppet-lighttpd # http://git.puppet.immerda.ch/?p=module-lighttpd.git;a=summary - $http = hiera('nodo::role::nas::http', false) + $http = lookup('nodo::role::nas::http', undef, undef, false) if $http == true { # Main class @@ -224,7 +224,7 @@ class nodo::role::nas( # # TFTP # - $tftp = hiera('nodo::role::nas::tftp', false) + $tftp = lookup('nodo::role::nas::tftp', undef, undef, false) if $tftp == true { # Main class @@ -239,7 +239,7 @@ class nodo::role::nas( # # Rsync # - $rsync = hiera('nodo::role::nas::rsync', false) + $rsync = lookup('nodo::role::nas::rsync', undef, undef, false) if $rsync == true { include rsync::server @@ -263,7 +263,7 @@ class nodo::role::nas( # # MPD # - $mpd = hiera('nodo::role::nas::mpd', false) + $mpd = lookup('nodo::role::nas::mpd', undef, undef, false) if $mpd == true { include mpd @@ -274,7 +274,7 @@ class nodo::role::nas( # # CherryMusic # - $cherrymusic = hiera('nodo::role::nas::cherrymusic', false) + $cherrymusic = lookup('nodo::role::nas::cherrymusic', undef, undef, false) if $cherrymusic == true { include cherrymusic @@ -283,7 +283,7 @@ class nodo::role::nas( # # Airsonic # - $airsonic = hiera('nodo::role::nas::airsonic', false) + $airsonic = lookup('nodo::role::nas::airsonic', undef, undef, false) if $airsonic == true { include airsonic @@ -295,7 +295,7 @@ class nodo::role::nas( # References # https://github.com/mosen/puppet-cups # https://github.com/camptocamp/puppet-cups - $cups = hiera('nodo::role::nas::cups', false) + $cups = lookup('nodo::role::nas::cups', undef, undef, false) if $cups == true { include firewall::printer @@ -305,7 +305,7 @@ class nodo::role::nas( # # Torrent # - $torrent = hiera('nodo::role::nas::torrent', false) + $torrent = lookup('nodo::role::nas::torrent', undef, undef, false) if $torrent == true { include pyroscope @@ -318,7 +318,7 @@ class nodo::role::nas( # http://packages.debian.org/stable/forked-daapd # http://packages.debian.org/squeeze/mt-daapd # https://github.com/stahnma/puppet-module-daap_server - #$daap = hiera('nodo::role::nas::daap', false) + #$daap = lookup('nodo::role::nas::daap', undef, undef, false) #if $daap == true { # # Main class, but package not available on wheezy diff --git a/manifests/role/web.pp b/manifests/role/web.pp index f315418..7b2c032 100644 --- a/manifests/role/web.pp +++ b/manifests/role/web.pp @@ -1,6 +1,6 @@ class nodo::role::web inherits nodo::base::virtual { # Hidden services - $hidden = hiera('apache::site::hidden', false) + $hidden = lookup('apache::site::hidden', undef, undef, false) if $hidden == true { include onion } @@ -11,14 +11,14 @@ class nodo::role::web inherits nodo::base::virtual { include domain_check ## Reprepro configuration - #$reprepro = hiera('nodo::web::reprepro', false) + #$reprepro = lookup('nodo::web::reprepro', undef, undef, false) #$reprepro_basedir = '/var/reprepro' # #case $reprepro { # true,'enabled': { # class { 'reprepro': # basedir => '/var/reprepro', - # uploaders => hiera('nodo::web::reprepro_uploaders', [ ]), + # uploaders => lookup('nodo::web::reprepro_uploaders', undef, undef, [ ]), # } # # include reprepro::cron diff --git a/manifests/role/yacy.pp b/manifests/role/yacy.pp index d047c83..9cb4199 100644 --- a/manifests/role/yacy.pp +++ b/manifests/role/yacy.pp @@ -5,7 +5,7 @@ class nodo::role::yacy inherits nodo::base::virtual { ensure => installed, } - $yacy_status = hiera('nodo::role::yacy::status', 'running') + $yacy_status = lookup('nodo::role::yacy::status', undef, undef, 'running') service { 'yacy': ensure => $yacy_status, diff --git a/manifests/subsystem/backup.pp b/manifests/subsystem/backup.pp index 8126249..bfdffaa 100644 --- a/manifests/subsystem/backup.pp +++ b/manifests/subsystem/backup.pp @@ -4,20 +4,20 @@ class nodo::subsystem::backup { # class { '::backup': } - $local_backup = hiera('nodo::subsystem::backup::localhost', false) + $local_backup = lookup('nodo::subsystem::backup::localhost', undef, undef, false) # Local encrypted backup case $local_backup { true,enabled,present: { backup::duplicity { "localhost": - encryptkey => hiera('nodo::subsystem::backup::encryptkey', false), - password => hiera('nodo::subsystem::backup::password'), + encryptkey => lookup('nodo::subsystem::backup::encryptkey', undef, undef, false), + password => lookup('nodo::subsystem::backup::password'), } } false,absent: { backup::duplicity { "localhost": - encryptkey => hiera('nodo::subsystem::backup::encryptkey', false), - password => hiera('nodo::subsystem::backup::password', false), + encryptkey => lookup('nodo::subsystem::backup::encryptkey', undef, undef, false), + password => lookup('nodo::subsystem::backup::password', undef, undef, false), ensure => absent, } } @@ -25,10 +25,10 @@ class nodo::subsystem::backup { } # Setup rsync instances - $rsync = hiera('backup::rsync', {}) + $rsync = lookup('backup::rsync', undef, undef, {}) create_resources('backup::rsync', $rsync) # Setup borg instances - $borg = hiera('backup::borg', {}) + $borg = lookup('backup::borg', undef, undef, {}) create_resources('backup::borg', $borg) } diff --git a/manifests/subsystem/dhclient.pp b/manifests/subsystem/dhclient.pp index e67a6e8..e809f1a 100644 --- a/manifests/subsystem/dhclient.pp +++ b/manifests/subsystem/dhclient.pp @@ -1,7 +1,7 @@ class nodo::subsystem::dhclient( - $ensure = hiera('nodo::subsystem::dhclient::ensure', 'present'), - $supersede_domain_name = hiera('nodo::subsystem::dhclient::supersede_domain_name', $::domain), - $supersede_domain_search = hiera('nodo::subsystem::dhclient::supersede_domain_search', $::domain) + $ensure = lookup('nodo::subsystem::dhclient::ensure', undef, undef, 'present'), + $supersede_domain_name = lookup('nodo::subsystem::dhclient::supersede_domain_name', undef, undef, $::domain), + $supersede_domain_search = lookup('nodo::subsystem::dhclient::supersede_domain_search', undef, undef, $::domain) ) { package { 'isc-dhcp-client': ensure => $ensure, diff --git a/manifests/subsystem/hosts.pp b/manifests/subsystem/hosts.pp index 341a827..54d112b 100644 --- a/manifests/subsystem/hosts.pp +++ b/manifests/subsystem/hosts.pp @@ -1,5 +1,5 @@ class nodo::subsystem::hosts( - $custom = hiera('nodo::subsystem::hosts::custom', false) + $custom = lookup('nodo::subsystem::hosts::custom', undef, undef, false) ) { # Sometimes might be useful to manage the whole # hosts file, see http://projects.puppetlabs.com/issues/10704 diff --git a/manifests/subsystem/mail.pp b/manifests/subsystem/mail.pp index d0773e9..2bfd75e 100644 --- a/manifests/subsystem/mail.pp +++ b/manifests/subsystem/mail.pp @@ -1,6 +1,6 @@ class nodo::subsystem::mail { # Email delivery configuration - $mail_delivery = hiera('nodo::subsystem::mail::delivery', 'exim') + $mail_delivery = lookup('nodo::subsystem::mail::delivery', undef, undef, 'exim') # A handy SMTP wrapper include nodo::subsystem::mail::msmtp @@ -15,9 +15,9 @@ class nodo::subsystem::mail { case $mail_delivery { 'tunnel': { - $mail_hostname = hiera('nodo::subsystem::mail::hostname') + $mail_hostname = lookup('nodo::subsystem::mail::hostname') tunnel::autossh::mail { "$mail_hostname": - sshport => hiera('nodo::subsystem::mail::ssh_port'), + sshport => lookup('nodo::subsystem::mail::ssh_port'), } } 'postfix', 'disabled': { } diff --git a/manifests/subsystem/media.pp b/manifests/subsystem/media.pp index b67ddbd..1319e73 100644 --- a/manifests/subsystem/media.pp +++ b/manifests/subsystem/media.pp @@ -3,7 +3,7 @@ class nodo::subsystem::media { class { [ 'nodo::subsystem::media::folders', 'nodo::subsystem::media::groups' ]: } # Make sure basic media exist, no matter if there is an external disk attached - $cache = hiera('nodo::media::folders', '') + $cache = lookup('nodo::media::folders', undef, undef, '') if $cache != '' { file { "${cache}": diff --git a/manifests/subsystem/media/folders.pp b/manifests/subsystem/media/folders.pp index a745a54..8afbca8 100644 --- a/manifests/subsystem/media/folders.pp +++ b/manifests/subsystem/media/folders.pp @@ -1,8 +1,8 @@ class nodo::subsystem::media::folders( - $base = hiera('nodo::subsystem::media::folders::base', '/var/cache/media'), - $cache = hiera('nodo::subsystem::media::folders::cache', directory), - $owner = hiera('nodo::subsystem::media::folders::owner', false), - $group = hiera('nodo::subsystem::media::folders::group', false) + $base = lookup('nodo::subsystem::media::folders::base', undef, undef, '/var/cache/media'), + $cache = lookup('nodo::subsystem::media::folders::cache', undef, undef, directory), + $owner = lookup('nodo::subsystem::media::folders::owner', undef, undef, false), + $group = lookup('nodo::subsystem::media::folders::group', undef, undef, false) ) { # Removable media folders file { [ "/media/usb", "/media/cdrom", "/media/tablet", "/media/phone" ]: diff --git a/manifests/subsystem/monkeysphere.pp b/manifests/subsystem/monkeysphere.pp index 13372ca..ab3bc18 100644 --- a/manifests/subsystem/monkeysphere.pp +++ b/manifests/subsystem/monkeysphere.pp @@ -1,6 +1,6 @@ define nodo::subsystem::monkeysphere( - $port = hiera('nodo::monkeysphere_host::ssh_port', ''), - $mail_recipient = hiera('mail::root_mail_recipient', 'nobody') + $port = lookup('nodo::monkeysphere_host::ssh_port', undef, undef, ''), + $mail_recipient = lookup('mail::root_mail_recipient', undef, undef, 'nobody') ) { include monkeysphere diff --git a/manifests/subsystem/motd.pp b/manifests/subsystem/motd.pp index df671eb..1ce0038 100644 --- a/manifests/subsystem/motd.pp +++ b/manifests/subsystem/motd.pp @@ -1,6 +1,6 @@ class nodo::subsystem::motd( - $message = hiera('nodo::subsystem::motd::message', ''), - $network_name = hiera('nodo::subsystem::motd::network_name', 'Nodo') + $message = lookup('nodo::subsystem::motd::message', undef, undef, ''), + $network_name = lookup('nodo::subsystem::motd::network_name', undef, undef, 'Nodo') ) { if $message != '' { $append = "${message}\n" diff --git a/manifests/subsystem/nas/share.pp b/manifests/subsystem/nas/share.pp index 94f8194..b3e8edc 100644 --- a/manifests/subsystem/nas/share.pp +++ b/manifests/subsystem/nas/share.pp @@ -21,7 +21,7 @@ define nodo::subsystem::nas::share( # # DLNA share # - $dlna = hiera('nodo::role::nas::dlna', false) + $dlna = lookup('nodo::role::nas::dlna', undef, undef, false) if $dlna == true and $dlna_type != '' { minidlna::share { $folder: @@ -35,7 +35,7 @@ define nodo::subsystem::nas::share( # # Samba share # - $samba = hiera('nodo::role::nas::samba', false) + $samba = lookup('nodo::role::nas::samba', undef, undef, false) if $samba == true { samba::server::share { $name: @@ -74,7 +74,7 @@ define nodo::subsystem::nas::share( # # NFS export # - $nfs = hiera('nodo::role::nas::nfs', false) + $nfs = lookup('nodo::role::nas::nfs', undef, undef, false) if $nfs == true { nfs::export { $name: @@ -87,7 +87,7 @@ define nodo::subsystem::nas::share( # # HTTP and FTP symlinks to media assets # - $http = hiera('nodo::role::nas::http', false) + $http = lookup('nodo::role::nas::http', undef, undef, false) if $http == true { file { [ "/var/www/data/${name}", "/home/ftp/${name}" ]: @@ -99,7 +99,7 @@ define nodo::subsystem::nas::share( # # Avahi service # - $avahi = hiera('nodo::role::nas::avahi', false) + $avahi = lookup('nodo::role::nas::avahi', undef, undef, false) if $avahi == true and $nfs == true { file { "/etc/avahi/services/nfs-${name}.service": @@ -113,7 +113,7 @@ define nodo::subsystem::nas::share( } # Make sure basic media exist, no matter which disk is attached - $cache = hiera('nodo::subsystem::media::folders::base', '/var/cache/media') + $cache = lookup('nodo::subsystem::media::folders::base', undef, undef, '/var/cache/media') if $cache != '' and $manage_folder != false { file { [ "${cache}/${name}" ]: diff --git a/manifests/subsystem/resolver.pp b/manifests/subsystem/resolver.pp index cca7609..00fe6c6 100644 --- a/manifests/subsystem/resolver.pp +++ b/manifests/subsystem/resolver.pp @@ -1,8 +1,8 @@ class nodo::subsystem::resolver( - $manage = hiera('nodo::subsystem::resolver::manage', false), - $nameservers = hiera('nodo::subsystem::resolver::nameservers', ''), - $domain = hiera('nodo::subsystem::resolver::domain', $::domain), - $search = hiera('nodo::subsystem::resolver::search', $::fqdn) + $manage = lookup('nodo::subsystem::resolver::manage', undef, undef, false), + $nameservers = lookup('nodo::subsystem::resolver::nameservers', undef, undef, ''), + $domain = lookup('nodo::subsystem::resolver::domain', undef, undef, $::domain), + $search = lookup('nodo::subsystem::resolver::search', undef, undef, $::fqdn) ) { # DNS resolver case $manage { diff --git a/manifests/subsystem/scanner.pp b/manifests/subsystem/scanner.pp index 89b0cc3..b1401cd 100644 --- a/manifests/subsystem/scanner.pp +++ b/manifests/subsystem/scanner.pp @@ -1,4 +1,4 @@ -class nodo::subsystem::scanner($access_list = hiera('nodo::subsystem::scanner::access_list', '')) { +class nodo::subsystem::scanner($access_list = lookup('nodo::subsystem::scanner::access_list', undef, undef, '')) { package { [ 'sane', 'sane-utils' ]: ensure => present, } diff --git a/manifests/subsystem/scanner/client.pp b/manifests/subsystem/scanner/client.pp index 873f8b9..c1eb92d 100644 --- a/manifests/subsystem/scanner/client.pp +++ b/manifests/subsystem/scanner/client.pp @@ -1,4 +1,4 @@ -class nodo::subsystem::scanner::client($server = hiera('nodo::subsystem::scanner::client::hostname', 'localhost')) { +class nodo::subsystem::scanner::client($server = lookup('nodo::subsystem::scanner::client::hostname', undef, undef, 'localhost')) { package { 'sane': ensure => present, } diff --git a/manifests/subsystem/screen/startup.pp b/manifests/subsystem/screen/startup.pp index 15f9b56..1c3a847 100644 --- a/manifests/subsystem/screen/startup.pp +++ b/manifests/subsystem/screen/startup.pp @@ -1,8 +1,8 @@ class nodo::subsystem::screen::startup( - $windows = hiera('nodo::subsystem::screen::startup::windows', [ "${::hostname} 0 bash -c \"tail -F /var/log/*log /var/log/*/*log\"", - "journal 1 journalctl -f", - "top 2 top" ]), - $select = hiera('nodo::subsystem::screen::startup::select', 1) + $windows = lookup('nodo::subsystem::screen::startup::windows', undef, undef, [ "${::hostname} 0 bash -c \"tail -F /var/log/*log /var/log/*/*log\"", + "journal 1 journalctl -f", + "top 2 top" ]), + $select = lookup('nodo::subsystem::screen::startup::select', undef, undef, 1) ) { file { "/etc/screenrc.startup": content => template('nodo/screen/screenrc.erb'), diff --git a/manifests/subsystem/sshd.pp b/manifests/subsystem/sshd.pp index c520c9e..dd0968b 100644 --- a/manifests/subsystem/sshd.pp +++ b/manifests/subsystem/sshd.pp @@ -1,5 +1,5 @@ class nodo::subsystem::sshd { - $manage = hiera('nodo::subsystem::sshd::manage', true) + $manage = lookup('nodo::subsystem::sshd::manage', undef, undef, true) if $manage == true { include ::sshd diff --git a/manifests/subsystem/sysctl/appliance.pp b/manifests/subsystem/sysctl/appliance.pp index 23b1e96..2657542 100644 --- a/manifests/subsystem/sysctl/appliance.pp +++ b/manifests/subsystem/sysctl/appliance.pp @@ -1,4 +1,4 @@ -class nodo::subsystem::sysctl::appliance($kernel_panic = hiera('nodo::sysctl::appliance', '20')) { +class nodo::subsystem::sysctl::appliance($kernel_panic = lookup('nodo::sysctl::appliance', undef, undef, '20')) { file { "/etc/sysctl.d/kernel.panic.conf": owner => "root", group => "root", diff --git a/manifests/subsystem/sysctl/disable_ipv6.pp b/manifests/subsystem/sysctl/disable_ipv6.pp index 2404d8f..2c384c3 100644 --- a/manifests/subsystem/sysctl/disable_ipv6.pp +++ b/manifests/subsystem/sysctl/disable_ipv6.pp @@ -1,7 +1,7 @@ # Do not enable ipv6 by default # See https://wiki.debian.org/DebianIPv6 class nodo::subsystem::sysctl::disable_ipv6( - $ensure = hiera('nodo::sysctl::disable_ipv6', 'present'), + $ensure = lookup('nodo::sysctl::disable_ipv6', undef, undef, 'present'), ) { file { "/etc/sysctl.d/disable_ipv6.conf": owner => "root", diff --git a/manifests/subsystem/sysctl/tcp_challenge_ack_limit.pp b/manifests/subsystem/sysctl/tcp_challenge_ack_limit.pp index c1f6650..ca90e27 100644 --- a/manifests/subsystem/sysctl/tcp_challenge_ack_limit.pp +++ b/manifests/subsystem/sysctl/tcp_challenge_ack_limit.pp @@ -3,7 +3,7 @@ # http://coolnerd.co/2016/08/researchers-announce-linux-kernel-network-snooping-bug-naked-security/ # https://nakedsecurity.sophos.com/2016/08/12/researchers-announce-linux-kernel-network-snooping-bug/ class nodo::subsystem::sysctl::tcp_challenge_ack_limit( - $ensure = hiera('nodo::sysctl::tcp_challenge_ack_limit', 'present'), + $ensure = lookup('nodo::sysctl::tcp_challenge_ack_limit', undef, undef, 'present'), ) { file { "/etc/sysctl.d/tcp_challenge_ack_limit.conf": owner => "root", diff --git a/manifests/subsystem/udev/network.pp b/manifests/subsystem/udev/network.pp index 2e42519..734c025 100644 --- a/manifests/subsystem/udev/network.pp +++ b/manifests/subsystem/udev/network.pp @@ -1,5 +1,5 @@ class nodo::subsystem::udev::network { - $role = hiera('nodo::role', 'default') + $role = lookup('nodo::role', undef, undef, 'default') file { '/etc/udev/rules.d/70-persistent-net.rules': ensure => present, diff --git a/manifests/utils/java.pp b/manifests/utils/java.pp index 59e26a3..09a79a6 100644 --- a/manifests/utils/java.pp +++ b/manifests/utils/java.pp @@ -18,7 +18,7 @@ class nodo::utils::java ( # Java alternative file { "/etc/alternatives/java": ensure => $ensure ? { - 'present','installed','latest' => hiera('nodo::utils::java::alternative', '/usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java'), + 'present','installed','latest' => lookup('nodo::utils::java::alternative', undef, undef, '/usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java'), default => undef, }, owner => root, diff --git a/manifests/utils/multimedia.pp b/manifests/utils/multimedia.pp index ed40c11..3b87dc3 100644 --- a/manifests/utils/multimedia.pp +++ b/manifests/utils/multimedia.pp @@ -51,6 +51,6 @@ class nodo::utils::multimedia inherits nodo::utils::multimedia::minimal { } # Flash implementation (deprecated) - #$flash = hiera('nodo::utils::multimedia::flash', 'gnash') + #$flash = lookup('nodo::utils::multimedia::flash', undef, undef, 'gnash') #class { "nodo::utils::multimedia::${flash}": } } -- cgit v1.2.3