summaryrefslogtreecommitdiff
path: root/puppet/modules/site_config/manifests
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/site_config/manifests')
-rw-r--r--puppet/modules/site_config/manifests/files.pp8
-rw-r--r--puppet/modules/site_config/manifests/packages/build_essential.pp6
-rw-r--r--puppet/modules/site_config/manifests/params.pp14
-rw-r--r--puppet/modules/site_config/manifests/remove.pp5
-rw-r--r--puppet/modules/site_config/manifests/remove/jessie.pp5
-rw-r--r--puppet/modules/site_config/manifests/remove/webapp.pp12
-rw-r--r--puppet/modules/site_config/manifests/setup.pp2
-rw-r--r--puppet/modules/site_config/manifests/syslog.pp30
-rw-r--r--puppet/modules/site_config/manifests/vagrant.pp14
9 files changed, 56 insertions, 40 deletions
diff --git a/puppet/modules/site_config/manifests/files.pp b/puppet/modules/site_config/manifests/files.pp
index d2ef8a98..e74ad567 100644
--- a/puppet/modules/site_config/manifests/files.pp
+++ b/puppet/modules/site_config/manifests/files.pp
@@ -3,10 +3,10 @@ class site_config::files {
file {
'/srv/leap':
- ensure => directory,
- owner => 'root',
- group => 'root',
- mode => '0711';
+ ensure => directory,
+ owner => 'root',
+ group => 'root',
+ mode => '0711';
[ '/etc/leap', '/var/lib/leap']:
ensure => directory,
diff --git a/puppet/modules/site_config/manifests/packages/build_essential.pp b/puppet/modules/site_config/manifests/packages/build_essential.pp
index 2b3e13b9..5b9a2602 100644
--- a/puppet/modules/site_config/manifests/packages/build_essential.pp
+++ b/puppet/modules/site_config/manifests/packages/build_essential.pp
@@ -16,12 +16,6 @@ class site_config::packages::build_essential inherits ::site_config::packages {
}
}
- /^7.*/: {
- Package[ 'gcc-4.7','g++-4.7', 'cpp-4.7' ] {
- ensure => present
- }
- }
-
default: { }
}
diff --git a/puppet/modules/site_config/manifests/params.pp b/puppet/modules/site_config/manifests/params.pp
index 012b3ce0..2c9687a3 100644
--- a/puppet/modules/site_config/manifests/params.pp
+++ b/puppet/modules/site_config/manifests/params.pp
@@ -1,3 +1,4 @@
+# Default parameters
class site_config::params {
$ip_address = hiera('ip_address')
@@ -5,9 +6,16 @@ class site_config::params {
$ec2_local_ipv4_interface = getvar("interface_${::ec2_local_ipv4}")
$environment = hiera('environment', undef)
-
- if $environment == 'local' {
- $interface = 'eth1'
+ if str2bool("$::vagrant") {
+ # Depending on the backend hypervisor networking is setup differently.
+ if $::interfaces =~ /eth1/ {
+ # Virtualbox: Private networking creates a second interface eth1
+ $interface = 'eth1'
+ }
+ else {
+ # KVM/Libvirt: Private networking is done by defauly on first interface
+ $interface = 'eth0'
+ }
include site_config::packages::build_essential
}
elsif hiera('interface','') != '' {
diff --git a/puppet/modules/site_config/manifests/remove.pp b/puppet/modules/site_config/manifests/remove.pp
index 443df9c2..be6cdfd8 100644
--- a/puppet/modules/site_config/manifests/remove.pp
+++ b/puppet/modules/site_config/manifests/remove.pp
@@ -2,6 +2,11 @@
class site_config::remove {
include site_config::remove::files
+ package { 'leap-keyring':
+ ensure => purged,
+ }
+
+
case $::operatingsystemrelease {
/^8.*/: {
include site_config::remove::jessie
diff --git a/puppet/modules/site_config/manifests/remove/jessie.pp b/puppet/modules/site_config/manifests/remove/jessie.pp
index e9497baf..2fdc4794 100644
--- a/puppet/modules/site_config/manifests/remove/jessie.pp
+++ b/puppet/modules/site_config/manifests/remove/jessie.pp
@@ -7,8 +7,9 @@ class site_config::remove::jessie {
}
apt::preferences_snippet {
- [ 'facter', 'obfsproxy', 'python-twisted', 'unbound' ]:
- ensure => absent;
+ [ 'facter', 'obfsproxy', 'python-twisted', 'unbound', 'passenger',
+ 'rsyslog_anon_depends' ]:
+ ensure => absent;
}
}
diff --git a/puppet/modules/site_config/manifests/remove/webapp.pp b/puppet/modules/site_config/manifests/remove/webapp.pp
index 58f59815..963eb705 100644
--- a/puppet/modules/site_config/manifests/remove/webapp.pp
+++ b/puppet/modules/site_config/manifests/remove/webapp.pp
@@ -4,4 +4,16 @@ class site_config::remove::webapp {
'/etc/apache/sites-enabled/leap_webapp.conf':
notify => Service['apache'];
}
+
+ # Ensure haproxy is removed
+ package { 'haproxy':
+ ensure => purged,
+ }
+ augeas { 'haproxy':
+ incl => '/etc/check_mk/mrpe.cfg',
+ lens => 'Spacevars.lns',
+ changes => [ 'rm /files/etc/check_mk/mrpe.cfg/Haproxy' ],
+ require => File['/etc/check_mk/mrpe.cfg'];
+ }
+
}
diff --git a/puppet/modules/site_config/manifests/setup.pp b/puppet/modules/site_config/manifests/setup.pp
index 82dfe76d..ce0f91d4 100644
--- a/puppet/modules/site_config/manifests/setup.pp
+++ b/puppet/modules/site_config/manifests/setup.pp
@@ -37,7 +37,7 @@ class site_config::setup {
# we need to include shorewall::interface{eth0} in setup.pp so
# packages can be installed during main puppetrun, even before shorewall
# is configured completly
- if ( $::site_config::params::environment == 'local' ) {
+ if str2bool($::vagrant) {
include site_config::vagrant
}
diff --git a/puppet/modules/site_config/manifests/syslog.pp b/puppet/modules/site_config/manifests/syslog.pp
index 591e0601..096d5d77 100644
--- a/puppet/modules/site_config/manifests/syslog.pp
+++ b/puppet/modules/site_config/manifests/syslog.pp
@@ -1,25 +1,17 @@
# configure rsyslog on all nodes
class site_config::syslog {
- # only pin rsyslog packages to backports on wheezy
- case $::operatingsystemrelease {
- /^7.*/: {
- include ::site_apt::preferences::rsyslog
- }
- # on jessie+ systems, systemd and journald are enabled,
- # and journald logs IP addresses, so we need to disable
- # it until a solution is found, (#7863):
- # https://github.com/systemd/systemd/issues/2447
- default: {
- include ::journald
- augeas {
- 'disable_journald':
- incl => '/etc/systemd/journald.conf',
- lens => 'Puppet.lns',
- changes => 'set /files/etc/systemd/journald.conf/Journal/Storage \'none\'',
- notify => Service['systemd-journald'];
- }
- }
+ # on jessie+ systems, systemd and journald are enabled,
+ # and journald logs IP addresses, so we need to disable
+ # it until a solution is found, (#7863):
+ # https://github.com/systemd/systemd/issues/2447
+ include ::journald
+ augeas {
+ 'disable_journald':
+ incl => '/etc/systemd/journald.conf',
+ lens => 'Puppet.lns',
+ changes => 'set /files/etc/systemd/journald.conf/Journal/Storage \'none\'',
+ notify => Service['systemd-journald'];
}
class { '::rsyslog::client':
diff --git a/puppet/modules/site_config/manifests/vagrant.pp b/puppet/modules/site_config/manifests/vagrant.pp
index 8f50b305..1682de8b 100644
--- a/puppet/modules/site_config/manifests/vagrant.pp
+++ b/puppet/modules/site_config/manifests/vagrant.pp
@@ -1,11 +1,15 @@
+# Gets included on vagrant nodes
class site_config::vagrant {
- # class for vagrant nodes
include site_shorewall::defaults
- # eth0 on vagrant nodes is the uplink if
- shorewall::interface { 'eth0':
- zone => 'net',
- options => 'tcpflags,blacklist,nosmurfs';
+
+ if ( $::site_config::params::interface == 'eth1' ) {
+ # Don't block eth0 even if eth1 is configured, because
+ # it's vagrant's main interface to access the box
+ shorewall::interface { 'eth0':
+ zone => 'net',
+ options => 'tcpflags,blacklist,nosmurfs';
+ }
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-28 18:49:00 +0000