class nodo { include lsb include puppetd include backup include sudo include users::admin include motd include utils include cron include hosts include locales include tunnel include profile include domain # Set timezone and ntp config # # We config those here but leave class inclusion elsewhere # as ntp config differ from server to vserver. # $ntp_timezone = "Brazil/East" $ntp_pool = "south-america.pool.ntp.org" $ntp_servers = [ 'a.ntp.br', 'b.ntp.br', 'c.ntp.br' ] # Email delivery configuration case $mail_delivery { 'tunnel': { tunnel::mail { "$mail_hostname": sshport => "$mail_ssh_port", } } 'postfix': { } '','exim',default: { include exim::tls } } # Apt configuration if $use_apt != false { # TODO: remove this in the future after all old nodes # have applied the catalog. file { '/etc/apt/sources.list.d/debian-backports.list': ensure => absent, } include apt include apt::unattended_upgrades apt::sources_list { "$domain.list": source => "puppet:///modules/site-apt/sources.list.d/$operatingsystem/$domain.list", ensure => $apt_domain_source ? { true => present, default => absent, } } # Preferences file can't have dots in the filename $apt_domain_preferences = regsubst($domain, '\.', '-', 'G') file { "/etc/apt/preferences.d/$apt_domain_preferences": source => [ "puppet:///modules/site-apt/preferences.d/$operatingsystem/$domain", "puppet:///modules/nodo/preferences.d/custom" ], ensure => $apt_domain_source ? { true => present, default => absent, } } package { 'apt-transport-https': ensure => present, } } # Default SSH configuration $sshd_password_authentication = "yes" $sshd_shared_ip = "yes" $sshd_tcp_forwarding = "yes" $sshd_hardened_ssl = "yes" $sshd_print_motd = "yes" file { "/etc/hostname": owner => "root", group => "root", mode => 0644, ensure => present, content => "$fqdn\n", } file { "/etc/rc.local": source => "puppet://$server/modules/nodo/etc/rc.local", owner => "root", group => "root", mode => 0755, ensure => present, } }