diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2013-04-13 17:19:51 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2013-04-13 17:19:51 -0300 |
| commit | 23720254e0e298f24858dabdf1a233e17ef759e8 (patch) | |
| tree | 586aa4cc68250ec6623d1b1601b53def386675a1 /manifests/nodo.pp | |
| parent | 7fb6adec51e060f32ff0392840a65280f9f15345 (diff) | |
| download | puppet-nodo-23720254e0e298f24858dabdf1a233e17ef759e8.tar.gz puppet-nodo-23720254e0e298f24858dabdf1a233e17ef759e8.tar.bz2 | |
Moving some code to a base class
Diffstat (limited to 'manifests/nodo.pp')
| -rw-r--r-- | manifests/nodo.pp | 152 |
1 files changed, 2 insertions, 150 deletions
diff --git a/manifests/nodo.pp b/manifests/nodo.pp index 3502c23..50b74b8 100644 --- a/manifests/nodo.pp +++ b/manifests/nodo.pp @@ -1,154 +1,6 @@ class nodo { - include lsb - include nodo::subsystem::sudo - include nodo::subsystem::motd - include nodo::subsystem::locales - include nodo::subsystem::profile - include nodo::utils - include tunnel::autossh - include domain_check - include users::admin - include concat::setup - include cron - - class { 'nodo::subsystem::hosts': } - - # Include if not defined by nodo::master - if !defined(Class['puppet::daemon']) { - class { 'puppet::daemon': } - } - - # - # Backup - # - class { 'backup': } - - $local_backup = hiera('nodo::backup::localhost', false) - - # Local encrypted backup - case $local_backup { - true,enabled,present: { - backup::duplicity { "localhost": - encryptkey => hiera('nodo::backup::encryptkey'), - password => hiera('nodo::backup::password'), - } - } - absent: { - backup::duplicity { "localhost": - encryptkey => hiera('nodo::backup::encryptkey'), - password => hiera('nodo::backup::password'), - ensure => absent, - } - } - default: { } - } - - # Does not work well inside vservers - class { 'runit': ensure => absent } - - # Email delivery configuration - $mail_delivery = hiera('nodo::mail_delivery', 'exim') - case $mail_delivery { - 'tunnel': { - $mail_hostname = hiera('nodo::mail_hostname') - tunnel::autossh::mail { "$mail_hostname": - sshport => hiera('nodo::mail_ssh_port'), - } - } - 'postfix': { } - '','exim',default: { include exim::tls } - } - - # - # Apt configuration - # - class { 'apt': - include_src => hiera('nodo::apt_include_src', false), - use_next_release => hiera('nodo::apt_use_next_release', false), - custom_key_dir => hiera('nodo::apt_custom_key_dir', 'puppet:///modules/site_apt/keys.d') - } - - include apt::unattended_upgrades - - $apt_domain_source = hiera('nodo::apt_domain_source', false) - - apt::sources_list { "${::domain}.list": - source => [ "puppet:///modules/site_apt/sources.list.d/${::operatingsystem}/${::lsbdistcodename}/${::domain}.list", - "puppet:///modules/site_apt/sources.list.d/${::operatingsystem}/${::domain}.list", ], - ensure => $apt_domain_source ? { - true => present, - default => absent, - } - } - - # Preferences file can't have dots in the filename - $apt_domain_preferences = regsubst($::domain, '\.', '-', 'G') - - file { "/etc/apt/preferences.d/${apt_domain_preferences}": - source => [ "puppet:///modules/site_apt/preferences.d/${::operatingsystem}/${::domain}", - "puppet:///modules/nodo/preferences.d/custom" ], - ensure => $apt_domain_source ? { - true => present, - default => absent, - } - } - - $apt_proxy = hiera('nodo::apt_proxy', false) - - if $apt_proxy != false { - class { 'apt::proxy_client': - proxy => $apt_proxy, - port => hiera('nodo::apt_proxy_port', ''), - } - } - - package { 'apt-transport-https': - ensure => present, - } - - # SSH Server - # - # We need to restrict listen address by default so multiple - # instances can live together in the same physical host. - # - class { 'sshd': - manage_nagios => hiera('nodo::sshd_manage_nagios', false), - listen_address => hiera('nodo::sshd_listen_address', [ "${::ipaddress}", '127.0.0.1' ]), - password_authentication => hiera('nodo::sshd_password_authentication', 'yes'), - shared_ip => hiera('nodo::sshd_shared_ip', 'yes'), - tcp_forwarding => hiera('nodo::sshd_tcp_forwarding', 'yes'), - hardened_ssl => hiera('nodo::sshd_hardened_ssl', 'yes'), - print_motd => hiera('nodo::sshd_print_motd', 'no'), - ports => hiera('nodo::sshd_ports', [ 22 ]), - use_pam => hiera('nodo::sshd_use_pam', 'no'), - } - - # Add the localhost ssh key, useful when one needs - # to ssh to localhost. - sshkey { [ 'localhost', '127.0.0.1' ]: - type => ssh-rsa, - key => $::sshrsakey, - ensure => $::sshrsakey ? { - '' => absent, - default => present, - }, - } - - file { "/etc/hostname": - owner => "root", - group => "root", - mode => 0644, - ensure => present, - content => "${::fqdn}\n", - } - - file { "/etc/rc.local": - source => "puppet:///modules/nodo/etc/rc.local", - owner => "root", - group => "root", - mode => 0755, - ensure => present, - } + # Include base class + include nodo::base # Include role class if defined("nodo::role::${::role}") { |