diff options
| -rw-r--r-- | files/post-update.sh | 20 | ||||
| -rw-r--r-- | files/update-puppet-conf.sh | 2 | ||||
| -rw-r--r-- | manifests/master/update.pp | 28 | ||||
| -rw-r--r-- | manifests/puppetmasterd.pp | 21 |
4 files changed, 52 insertions, 19 deletions
diff --git a/files/post-update.sh b/files/post-update.sh new file mode 100644 index 0000000..21030b1 --- /dev/null +++ b/files/post-update.sh @@ -0,0 +1,20 @@ +#!/bin/bash +# See https://we.riseup.net/riseup+tech/puppet + +echo "" +echo "Updating puppet configuration..." +echo "" + +unset GIT_DIR + +cd $PUPPET_DIR + +# lockfile comes from procmail package +lockfile ~/puppet.lock + +# call external SUID script that will update PUPPET_DIR +sudo -u puppet /usr/local/sbin/update-puppet-conf.sh \ + || echo "Updating puppet failed. Fix it manually." + +# remove lock +rm -f ~/puppet.lock diff --git a/files/update-puppet-conf.sh b/files/update-puppet-conf.sh index b299950..1eaae46 100644 --- a/files/update-puppet-conf.sh +++ b/files/update-puppet-conf.sh @@ -3,7 +3,7 @@ # This file updates the /etc/puppet directory with recent changes to the # /var/git/repositories/puppet repository and changes to other remote # repositories configured as submodules of this puppet installation. This -# script it intended to be called from a cron-job. +# script it intended to be called from a cron-job or by a post-update hook. PUPPET_DIR=/etc/puppet ORIGIN_DIR=/var/git/repositories/puppet.git diff --git a/manifests/master/update.pp b/manifests/master/update.pp new file mode 100644 index 0000000..4d6925c --- /dev/null +++ b/manifests/master/update.pp @@ -0,0 +1,28 @@ +class puppet::master::update { + # cron rule to update puppet config repository every 5 minutes + cron { "puppet-update": + command => "/usr/local/sbin/update-puppet-conf.sh > /dev/null 2>&1", + user => puppet, + minute => "*/5", + ensure => present, + require => [ File["/usr/local/sbin/update-puppet-conf.sh"], User["puppet"] ], + } + + # and the script to the cron-job above + file { "/usr/local/sbin/update-puppet-conf.sh": + source => "puppet:///modules/puppet/update-puppet-conf.sh", + owner => "puppet", + group => "puppet", + mode => 0755, + ensure => present, + } + + # TODO: use a post-update hook instead of the cronjob + file { '/var/git/repositories/puppet.git/hooks/post-update': + ensure => absent, + mode => 0755, + owner => gitolite, + group => gitolite, + source => "puppet:///modules/puppet/post-update.sh", + } +} diff --git a/manifests/puppetmasterd.pp b/manifests/puppetmasterd.pp index b0bd3e0..16a79dd 100644 --- a/manifests/puppetmasterd.pp +++ b/manifests/puppetmasterd.pp @@ -92,15 +92,6 @@ class puppetmasterd { require => User["puppet"], } - # cron rule to update puppet config repository every 5 minutes - cron { "puppet-update": - command => "/usr/local/sbin/update-puppet-conf.sh > /dev/null 2>&1", - user => puppet, - minute => "*/5", - ensure => present, - require => [ File["/usr/local/sbin/update-puppet-conf.sh"], User["puppet"] ], - } - # cron rule to restart puppetmaster before restarting the nodes cron { "puppetmaster-restart": command => "/etc/init.d/puppetmaster restart > /dev/null 2>&1", @@ -124,6 +115,9 @@ class puppetmasterd { }, require => File["/usr/local/sbin/puppetlast"], } + + # update config + include puppet::master::update # custom puppetlast command, thanks to immerda module: # http://git.puppet.immerda.ch/?p=module-puppet.git;a=summary @@ -138,15 +132,6 @@ class puppetmasterd { mode => 0700, } - # and the script to the cron-job above - file { "/usr/local/sbin/update-puppet-conf.sh": - source => "puppet://$server/modules/puppet/update-puppet-conf.sh", - owner => "puppet", - group => "puppet", - mode => 0755, - ensure => present, - } - # for storeconfigs include mysql::server |