diff options
Diffstat (limited to 'puppet/modules')
| -rw-r--r-- | puppet/modules/clamav/manifests/daemon.pp | 3 | ||||
| -rw-r--r-- | puppet/modules/leap_mx/manifests/init.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/obfsproxy/manifests/init.pp | 5 | ||||
| -rw-r--r-- | puppet/modules/site_config/manifests/caching_resolver.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_config/manifests/dhclient.pp | 10 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/logrotate.pp | 10 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/mirror.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/upload_design.pp | 3 | ||||
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/obfsproxy.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/service/webapp_api.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/sshd.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_shorewall/manifests/tor.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_static/manifests/domain.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_static/manifests/init.pp | 5 | ||||
| -rw-r--r-- | puppet/modules/site_static/manifests/location.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_webapp/manifests/cron.pp | 5 | 
16 files changed, 33 insertions, 17 deletions
| diff --git a/puppet/modules/clamav/manifests/daemon.pp b/puppet/modules/clamav/manifests/daemon.pp index bf232e2c..2e13a8fb 100644 --- a/puppet/modules/clamav/manifests/daemon.pp +++ b/puppet/modules/clamav/manifests/daemon.pp @@ -1,3 +1,4 @@ +# deploy clamav daemon  class clamav::daemon {    $domain_hash           = hiera('domain') @@ -55,7 +56,7 @@ class clamav::daemon {        require => Package['clamav-daemon'],        notify  => Service['clamav-daemon']; -     'enable_phishscanurls': +    'enable_phishscanurls':        path    => '/etc/clamav/clamd.conf',        match   => 'PhishingScanURLs no',        line    => 'PhishingScanURLs yes', diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index e5d85b91..d758e3ab 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -1,3 +1,4 @@ +# deploy leap mx service  class leap_mx {    $leap_mx          = hiera('couchdb_leap_mx_user') diff --git a/puppet/modules/obfsproxy/manifests/init.pp b/puppet/modules/obfsproxy/manifests/init.pp index 728295f7..6a3d2c72 100644 --- a/puppet/modules/obfsproxy/manifests/init.pp +++ b/puppet/modules/obfsproxy/manifests/init.pp @@ -1,3 +1,4 @@ +# deploy obfsproxy service  class obfsproxy (    $transport,    $bind_address, @@ -23,8 +24,8 @@ class obfsproxy (    }    file { '/etc/init.d/obfsproxy': -    path    => '/etc/init.d/obfsproxy',      ensure  => present, +    path    => '/etc/init.d/obfsproxy',      source  => 'puppet:///modules/obfsproxy/obfsproxy_init',      owner   => 'root',      group   => 'root', @@ -33,8 +34,8 @@ class obfsproxy (    }    file { $conf : -    path    => $conf,      ensure  => present, +    path    => $conf,      owner   => 'root',      group   => 'root',      mode    => '0600', diff --git a/puppet/modules/site_config/manifests/caching_resolver.pp b/puppet/modules/site_config/manifests/caching_resolver.pp index a016627d..8bf465c1 100644 --- a/puppet/modules/site_config/manifests/caching_resolver.pp +++ b/puppet/modules/site_config/manifests/caching_resolver.pp @@ -1,3 +1,4 @@ +# deploy local caching resolver  class site_config::caching_resolver {    tag 'leap_base' diff --git a/puppet/modules/site_config/manifests/dhclient.pp b/puppet/modules/site_config/manifests/dhclient.pp index eb09fda1..a1f87d41 100644 --- a/puppet/modules/site_config/manifests/dhclient.pp +++ b/puppet/modules/site_config/manifests/dhclient.pp @@ -1,10 +1,10 @@ +# Unfortunately, there does not seem to be a way to reload the dhclient.conf +# config file, or a convenient way to disable the modifications to +# /etc/resolv.conf. So the following makes the functions involved noops and +# ships a script to kill and restart dhclient. See the debian bugs: +# #681698, #712796  class site_config::dhclient { -  # Unfortunately, there does not seem to be a way to reload the dhclient.conf -  # config file, or a convenient way to disable the modifications to -  # /etc/resolv.conf. So the following makes the functions involved noops and -  # ships a script to kill and restart dhclient. See the debian bugs: -  # #681698, #712796    include site_config::params diff --git a/puppet/modules/site_couchdb/manifests/logrotate.pp b/puppet/modules/site_couchdb/manifests/logrotate.pp index e1039d49..bb8843bb 100644 --- a/puppet/modules/site_couchdb/manifests/logrotate.pp +++ b/puppet/modules/site_couchdb/manifests/logrotate.pp @@ -1,12 +1,14 @@ +# configure couchdb logrotation  class site_couchdb::logrotate {    augeas {      'logrotate_bigcouch':        context => '/files/etc/logrotate.d/bigcouch/rule', -      changes => [ 'set file /opt/bigcouch/var/log/*.log', 'set rotate 7', -                   'set schedule daily', 'set compress compress', -                   'set missingok missingok', 'set ifempty notifempty', -                   'set copytruncate copytruncate' ] +      changes => [ +        'set file /opt/bigcouch/var/log/*.log', 'set rotate 7', +        'set schedule daily', 'set compress compress', +        'set missingok missingok', 'set ifempty notifempty', +        'set copytruncate copytruncate' ]    }  } diff --git a/puppet/modules/site_couchdb/manifests/mirror.pp b/puppet/modules/site_couchdb/manifests/mirror.pp index a69f3964..fb82b897 100644 --- a/puppet/modules/site_couchdb/manifests/mirror.pp +++ b/puppet/modules/site_couchdb/manifests/mirror.pp @@ -1,3 +1,4 @@ +# configure mirroring of couch nodes  class site_couchdb::mirror {    Class['site_couchdb::add_users'] diff --git a/puppet/modules/site_couchdb/manifests/upload_design.pp b/puppet/modules/site_couchdb/manifests/upload_design.pp index 7b0cabd7..bd73ebf2 100644 --- a/puppet/modules/site_couchdb/manifests/upload_design.pp +++ b/puppet/modules/site_couchdb/manifests/upload_design.pp @@ -1,4 +1,5 @@ -define site_couchdb::upload_design($db = $title, $design) { +# upload a design doc to a db +define site_couchdb::upload_design($design, $db = $title) {    $design_name = regsubst($design, '^.*\/(.*)\.json$', '\1')    $id = "_design/${design_name}"    $file = "/srv/leap/couchdb/designs/${design}" diff --git a/puppet/modules/site_shorewall/manifests/obfsproxy.pp b/puppet/modules/site_shorewall/manifests/obfsproxy.pp index fa8a8bd0..75846705 100644 --- a/puppet/modules/site_shorewall/manifests/obfsproxy.pp +++ b/puppet/modules/site_shorewall/manifests/obfsproxy.pp @@ -1,3 +1,4 @@ +# configure shorewell for obfsproxy  class site_shorewall::obfsproxy {    include site_shorewall::defaults diff --git a/puppet/modules/site_shorewall/manifests/service/webapp_api.pp b/puppet/modules/site_shorewall/manifests/service/webapp_api.pp index ee021226..d3a1aeed 100644 --- a/puppet/modules/site_shorewall/manifests/service/webapp_api.pp +++ b/puppet/modules/site_shorewall/manifests/service/webapp_api.pp @@ -1,3 +1,4 @@ +# configure shorewall for webapp api  class site_shorewall::service::webapp_api {    $api = hiera('api') diff --git a/puppet/modules/site_shorewall/manifests/sshd.pp b/puppet/modules/site_shorewall/manifests/sshd.pp index 91089c87..e2332592 100644 --- a/puppet/modules/site_shorewall/manifests/sshd.pp +++ b/puppet/modules/site_shorewall/manifests/sshd.pp @@ -1,3 +1,4 @@ +# configure shorewall for sshd  class site_shorewall::sshd {    $ssh_config     = hiera('ssh') diff --git a/puppet/modules/site_shorewall/manifests/tor.pp b/puppet/modules/site_shorewall/manifests/tor.pp index 723f3210..324b4844 100644 --- a/puppet/modules/site_shorewall/manifests/tor.pp +++ b/puppet/modules/site_shorewall/manifests/tor.pp @@ -1,3 +1,4 @@ +# configure shorewall for tor  class site_shorewall::tor {    include site_shorewall::defaults diff --git a/puppet/modules/site_static/manifests/domain.pp b/puppet/modules/site_static/manifests/domain.pp index fd217b8f..8b9378f2 100644 --- a/puppet/modules/site_static/manifests/domain.pp +++ b/puppet/modules/site_static/manifests/domain.pp @@ -1,3 +1,4 @@ +# configure static service for domain  define site_static::domain (    $ca_cert,    $key, diff --git a/puppet/modules/site_static/manifests/init.pp b/puppet/modules/site_static/manifests/init.pp index 76ee6e19..4a722d62 100644 --- a/puppet/modules/site_static/manifests/init.pp +++ b/puppet/modules/site_static/manifests/init.pp @@ -1,3 +1,4 @@ +# deploy static service  class site_static {    tag 'leap_service' @@ -48,8 +49,8 @@ class site_static {    if (member($formats, 'amber')) {      rubygems::gem{'amber-0.3.8': -       require =>  Package['zlib1g-dev'] -     } +      require =>  Package['zlib1g-dev'] +    }      package { 'zlib1g-dev':          ensure => installed diff --git a/puppet/modules/site_static/manifests/location.pp b/puppet/modules/site_static/manifests/location.pp index 1adcce01..d116de2f 100644 --- a/puppet/modules/site_static/manifests/location.pp +++ b/puppet/modules/site_static/manifests/location.pp @@ -1,3 +1,4 @@ +# configure static service for location  define site_static::location($path, $format, $source) {    $file_path = "/srv/static/${name}" diff --git a/puppet/modules/site_webapp/manifests/cron.pp b/puppet/modules/site_webapp/manifests/cron.pp index 7147a0d2..70b9da04 100644 --- a/puppet/modules/site_webapp/manifests/cron.pp +++ b/puppet/modules/site_webapp/manifests/cron.pp @@ -1,3 +1,4 @@ +# setup webapp cronjobs  class site_webapp::cron {    # cron tasks that need to be performed to cleanup the database @@ -19,12 +20,12 @@ class site_webapp::cron {      # there is no longer a need to remove expired sessions, since the database      # will get destroyed.      'remove_expired_sessions': +      ensure      => absent,        command     => 'cd /srv/leap/webapp && bundle exec rake cleanup:sessions',        environment => 'RAILS_ENV=production',        user        => 'leap-webapp',        hour        => 2, -      minute      => 30, -      ensure      => absent; +      minute      => 30;      'remove_expired_tokens':        command     => 'cd /srv/leap/webapp && bundle exec rake cleanup:tokens', | 
