1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
class nodo {
include lsb
include puppetd
include backup
include sudo
include users::admin
include motd
include utils
include cron
include hosts
include locales
include tunnel
# Set timezone and ntp config
#
# We config those here but leave class inclusion elsewhere
# as ntp config differ from server to vserver.
#
$ntp_timezone = "Brazil/East"
$ntp_pool = "south-america.pool.ntp.org"
$ntp_servers = [ 'a.ntp.br', 'b.ntp.br', 'c.ntp.br' ]
# Email delivery configuration
case $mail_delivery {
'tunnel': {
tunnel::mail { "$mail_hostname":
sshport => "$mail_ssh_port",
}
}
'postfix': { }
'','exim',default: { include exim }
}
# Apt configuration
if $use_apt != false {
include apt
include apt::unattended_upgrades
}
# Default SSH configuration
$sshd_password_authentication = "yes"
$sshd_shared_ip = "yes"
$sshd_tcp_forwarding = "yes"
$sshd_perfect_forward_secrecy = "yes"
file { "/etc/hostname":
owner => "root",
group => "root",
mode => 0644,
ensure => present,
content => "$fqdn\n",
}
file { "/etc/rc.local":
source => "puppet://$server/modules/nodo/etc/rc.local",
owner => "root",
group => "root",
mode => 0755,
ensure => present,
}
file { "/etc/screenrc":
source => "puppet://$server/modules/nodo/etc/screenrc",
owner => "root",
group => "root",
mode => 0644,
ensure => present,
}
# As of squeeze, custom configuration can be placed directly at
# /etc/profile.d, so in the future this file won't need to be
# managed by puppet anymore.
file { "/etc/profile":
source => [ "puppet://$server/modules/nodo/etc/profile.$lsbdistcodename",
"puppet://$server/modules/nodo/etc/profile",
],
owner => "root",
group => "root",
mode => 0644,
ensure => present,
require => File['/etc/profile.d/prompt.sh'],
}
file { "/etc/bash.bashrc":
source => "puppet://$server/modules/nodo/etc/bash.bashrc",
owner => "root",
group => "root",
mode => 0644,
ensure => present,
require => File['/etc/profile.d/prompt.sh'],
}
# As of squeeze, custom configuration can be placed directly at
# /etc/profile.d, so in the future this file has to stay there.
#
# This change has been backported to lenny via puppet so this
# file is not needed anymore.
file { "/usr/local/bin/prompt.sh":
ensure => absent,
}
file { "/etc/profile.d":
ensure => directory,
owner => "root",
group => "root",
}
file { "/etc/profile.d/prompt.sh":
ensure => present,
source => "puppet://$server/modules/nodo/etc/profile.d/prompt.sh",
owner => "root",
group => "root",
mode => 0644,
ensure => present,
require => File['/etc/profile.d'],
}
}
|
