Adding puppet::master::update

4 files changed, 52 insertions, 19 deletions

diff --git a/files/post-update.sh b/files/post-update.sh
new file mode 100644
index 0000000..21030b1
--- /dev/null
+++ b/files/post-update.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+# See https://we.riseup.net/riseup+tech/puppet
+
+echo ""
+echo "Updating puppet configuration..."
+echo ""
+
+unset GIT_DIR
+
+cd $PUPPET_DIR
+
+# lockfile comes from procmail package
+lockfile ~/puppet.lock
+
+# call external SUID script that will update PUPPET_DIR
+sudo -u puppet /usr/local/sbin/update-puppet-conf.sh \
+  || echo "Updating puppet failed. Fix it manually."
+
+# remove lock
+rm -f ~/puppet.lock
diff --git a/files/update-puppet-conf.sh b/files/update-puppet-conf.sh
index b299950..1eaae46 100644
--- a/files/update-puppet-conf.sh
+++ b/files/update-puppet-conf.sh
@@ -3,7 +3,7 @@
 # This file updates the /etc/puppet directory with recent changes to the
 # /var/git/repositories/puppet repository and changes to other remote
 # repositories configured as submodules of this puppet installation. This
-# script it intended to be called from a cron-job.
+# script it intended to be called from a cron-job or by a post-update hook.
 
 PUPPET_DIR=/etc/puppet
 ORIGIN_DIR=/var/git/repositories/puppet.git
diff --git a/manifests/master/update.pp b/manifests/master/update.pp
new file mode 100644
index 0000000..4d6925c
--- /dev/null
+++ b/manifests/master/update.pp
@@ -0,0 +1,28 @@
+class puppet::master::update {
+  # cron rule to update puppet config repository every 5 minutes
+  cron { "puppet-update":
+    command  => "/usr/local/sbin/update-puppet-conf.sh > /dev/null 2>&1",
+    user     => puppet,
+    minute   => "*/5",
+    ensure   => present,
+    require  => [ File["/usr/local/sbin/update-puppet-conf.sh"], User["puppet"] ],
+  }
+
+  # and the script to the cron-job above
+  file { "/usr/local/sbin/update-puppet-conf.sh":
+    source => "puppet:///modules/puppet/update-puppet-conf.sh",
+    owner  => "puppet",
+    group  => "puppet",
+    mode   => 0755,
+    ensure => present,
+  }
+
+  # TODO: use a post-update hook instead of the cronjob
+  file { '/var/git/repositories/puppet.git/hooks/post-update':
+    ensure => absent,
+    mode   => 0755,
+    owner  => gitolite,
+    group  => gitolite,
+    source => "puppet:///modules/puppet/post-update.sh",
+  }
+}
diff --git a/manifests/puppetmasterd.pp b/manifests/puppetmasterd.pp
index b0bd3e0..16a79dd 100644
--- a/manifests/puppetmasterd.pp
+++ b/manifests/puppetmasterd.pp
@@ -92,15 +92,6 @@ class puppetmasterd {
     require => User["puppet"],
   }
 
-  # cron rule to update puppet config repository every 5 minutes
-  cron { "puppet-update":
-    command  => "/usr/local/sbin/update-puppet-conf.sh > /dev/null 2>&1",
-    user     => puppet,
-    minute   => "*/5",
-    ensure   => present,
-    require  => [ File["/usr/local/sbin/update-puppet-conf.sh"], User["puppet"] ],
-  }
-
   # cron rule to restart puppetmaster before restarting the nodes
   cron { "puppetmaster-restart":
     command  => "/etc/init.d/puppetmaster restart > /dev/null 2>&1",
@@ -124,6 +115,9 @@ class puppetmasterd {
     },
     require  => File["/usr/local/sbin/puppetlast"],
   }
+
+  # update config
+  include puppet::master::update
   
   # custom puppetlast command, thanks to immerda module:
   # http://git.puppet.immerda.ch/?p=module-puppet.git;a=summary
@@ -138,15 +132,6 @@ class puppetmasterd {
     mode   => 0700,
   }
 
-  # and the script to the cron-job above
-  file { "/usr/local/sbin/update-puppet-conf.sh":
-    source => "puppet://$server/modules/puppet/update-puppet-conf.sh",
-    owner  => "puppet",
-    group  => "puppet",
-    mode   => 0755,
-    ensure => present,
-  }
-
   # for storeconfigs
   include mysql::server