summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJerome Charaoui <jcharaoui@cmaisonneuve.qc.ca>2010-05-11 17:00:20 -0400
committerJerome Charaoui <jcharaoui@cmaisonneuve.qc.ca>2010-05-11 17:00:20 -0400
commit57d8ecf86f49db2c9e367480e380a73cad4b71e6 (patch)
tree473263b26fdb525e7e7c90efbf919b9d3f02dd99
parent0f0434a582c1f3bd274a79e51ab34a2f4887e659 (diff)
parentfc72cbc8a9d09b2d305df061dfc74cc960610d85 (diff)
Merge commit 'nadir/master'
-rw-r--r--README32
-rw-r--r--files/client/puppet.conf12
-rw-r--r--files/master/config.ru29
-rw-r--r--files/master/puppet.conf5
-rw-r--r--manifests/base.pp4
-rw-r--r--manifests/cron/base.pp12
-rw-r--r--manifests/cron/linux.pp8
-rw-r--r--manifests/debian.pp1
-rw-r--r--manifests/init.pp2
-rw-r--r--manifests/linux.pp3
-rw-r--r--manifests/puppetmaster/base.pp40
-rw-r--r--manifests/puppetmaster/checklastrun.pp9
-rw-r--r--manifests/puppetmaster/linux.pp27
-rw-r--r--manifests/puppetmaster/package.pp9
-rw-r--r--manifests/puppetmaster/passenger.pp45
-rw-r--r--manifests/puppetmaster/storeconfigs.pp8
16 files changed, 205 insertions, 41 deletions
diff --git a/README b/README
new file mode 100644
index 0000000..916ce68
--- /dev/null
+++ b/README
@@ -0,0 +1,32 @@
+Puppet-Module for configuring Puppet itself, both the master and the clients
+============================================================================
+
+Use a seperate local module called "site-puppet", where you place your customized
+files, under:
+ site-puppet/files/master/fileserver.conf
+ site-puppet/files/master/puppet.conf
+
+those files in this module are just examples.
+
+Depends on Modules
+------------------
+- bc
+- cron
+
+Usage
+-----
+in your site.pp, i.e. :
+
+ $puppet_crontime = "0,12 * * * *"
+ include puppet::cron
+
+ include puppet::puppetmaster
+
+ include puppet::puppetmaster::passenger
+
+ $puppet_storeconfig_password="..."
+ include puppet::puppetmaster::storeconfigs
+
+
+
+...tbc...
diff --git a/files/client/puppet.conf b/files/client/puppet.conf
index ee14a20..e165f73 100644
--- a/files/client/puppet.conf
+++ b/files/client/puppet.conf
@@ -3,22 +3,18 @@
vardir=/var/lib/puppet
rundir=/var/run/puppet
- #ssldir=/var/lib/puppet/ssl
ssldir=$vardir/ssl
# Where 3rd party plugins and modules are installed
- libdir = /var/lib/puppet/lib
+ libdir = $vardir/lib
- templatedir=/var/lib/puppet/templates
+ templatedir=$vardir/templates
- # Turn plug-in synchronization on.
- pluginsync = true
- pluginsource = puppet://$server/plugins
- factpath = $vardir/lib/facter
+ factpath = $libdir/facter
[puppetd]
report=true
- server=puppet.glei.ch
+ #server=[fqdn here please]
# different run-interval, default= 30min
# e.g. run puppetd every 4 hours = 14400
diff --git a/files/master/config.ru b/files/master/config.ru
new file mode 100644
index 0000000..cec2a34
--- /dev/null
+++ b/files/master/config.ru
@@ -0,0 +1,29 @@
+# a config.ru, for use with every rack-compatible webserver.
+# SSL needs to be handled outside this, though.
+
+# if puppet is not in your RUBYLIB:
+# $:.unshift('/opt/puppet/lib')
+
+$0 = "puppetmasterd"
+require 'puppet'
+
+# logs to file instead of syslog
+#Puppet::Util::Log.newdestination("/var/log/puppet/puppetmasterd.log")
+
+# if you want debugging:
+#ARGV << "--debug"
+
+ARGV << "--rack"
+
+# in some setups puppetmasterd doesn't seem to read the puppet.conf
+# config at startup, then you need to pass these options:
+ARGV << "--vardir" << "/var/lib/puppet"
+ARGV << "--ssldir" << "/var/lib/puppet/ssl"
+
+# if you use puppet-dashboard:
+#ARGV << "--reports" << "puppet_dashboard"
+
+require 'puppet/application/puppetmasterd'
+# we're usually running inside a Rack::Builder.new {} block,
+# therefore we need to call run *here*.
+run Puppet::Application[:puppetmasterd].run
diff --git a/files/master/puppet.conf b/files/master/puppet.conf
index bcf2a23..0027e57 100644
--- a/files/master/puppet.conf
+++ b/files/master/puppet.conf
@@ -54,6 +54,11 @@
#usage for clusters
#ssl_client_header=HTTP_X_SSL_SUBJECT
+ # apache2/passenger usage: http://github.com/reductivelabs/puppet/tree/master/ext/rack
+ ssl_client_header = SSL_CLIENT_S_DN
+ ssl_client_verify_header = SSL_CLIENT_VERIFY
+
+
# specify allowed environments
environments=production,development
diff --git a/manifests/base.pp b/manifests/base.pp
index 081df5e..ebf4d7a 100644
--- a/manifests/base.pp
+++ b/manifests/base.pp
@@ -11,7 +11,9 @@ class puppet::base {
"puppet://$server/modules/puppet/client/puppet.conf.$operatingsystem",
"puppet://$server/modules/puppet/client/puppet.conf" ],
notify => Service[puppet],
- owner => root, group => 0, mode => 600;
+ # if puppetmasterd is deployed by apache2/passenger it needs to read puppet.conf
+ # therefore it must be readable by puppet
+ owner => puppet, group => 0, mode => 600;
}
service{'puppet':
ensure => running,
diff --git a/manifests/cron/base.pp b/manifests/cron/base.pp
index 3f7f8c0..5fc55d2 100644
--- a/manifests/cron/base.pp
+++ b/manifests/cron/base.pp
@@ -4,11 +4,17 @@ class puppet::cron::base inherits puppet::base {
Service['puppet']{
enable => false,
}
- File['puppet_config']{
- notify => undef
+
+ if defined (puppet::puppetmaster) {}
+ else {
+ File['puppet_config']{
+ notify => undef
+ }
}
+
+
case $operatingsystem {
- debian,openbsd: {
+ debian,openbsd,ubuntu: {
#it's already disabled
}
default: {
diff --git a/manifests/cron/linux.pp b/manifests/cron/linux.pp
index be17498..75f11a3 100644
--- a/manifests/cron/linux.pp
+++ b/manifests/cron/linux.pp
@@ -4,9 +4,15 @@ class puppet::cron::linux inherits puppet::linux {
case $puppet_config {
'': { $puppet_config = '/etc/puppet/puppet.conf' }
}
+
+ case $puppet_crontime {
+ '': { $puppet_crontime = '0,30 * * * *' }
+ }
+
+
File['/etc/cron.d/puppetd.cron']{
source => undef,
content => "# run puppet
-0,30 * * * * root /usr/sbin/puppetd --onetime --no-daemonize --splay --config=$puppet_config --color false | grep -E '(^err:|^alert:|^emerg:|^crit:)'\n",
+$puppet_crontime root /usr/sbin/puppetd --onetime --no-daemonize --splay --config=$puppet_config --color false | grep -E '(^err:|^alert:|^emerg:|^crit:)'\n",
}
}
diff --git a/manifests/debian.pp b/manifests/debian.pp
index 62c7661..507ec52 100644
--- a/manifests/debian.pp
+++ b/manifests/debian.pp
@@ -13,4 +13,5 @@ class puppet::debian inherits puppet::linux {
File['/etc/cron.d/puppetd.cron']{
path => '/etc/cron.d/puppetd',
}
+
}
diff --git a/manifests/init.pp b/manifests/init.pp
index 6ad8504..0b21aea 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -24,7 +24,7 @@ class puppet {
case $operatingsystem {
gentoo: { include puppet::gentoo }
centos: { include puppet::centos }
- debian: { include puppet::debian }
+ debian,ubuntu: { include puppet::debian }
default: { include puppet::linux}
}
}
diff --git a/manifests/linux.pp b/manifests/linux.pp
index 12112e1..4190b85 100644
--- a/manifests/linux.pp
+++ b/manifests/linux.pp
@@ -28,6 +28,7 @@ class puppet::linux inherits puppet::base {
file{'/etc/cron.d/puppetd.cron':
source => [ "puppet://$server/modules/puppet/cron.d/puppetd.${operatingsystem}",
"puppet://$server/modules/puppet/cron.d/puppetd" ],
- owner => root, group => 0, mode => 0644;
+ owner => root, group => 0, mode => 0644,
+ notify => service["crond"];
}
}
diff --git a/manifests/puppetmaster/base.pp b/manifests/puppetmaster/base.pp
index 0b208b0..4a1cb6f 100644
--- a/manifests/puppetmaster/base.pp
+++ b/manifests/puppetmaster/base.pp
@@ -1,9 +1,18 @@
class puppet::puppetmaster::base inherits puppet::base {
+ if defined (puppet::cron) {
+ File[puppet_config]{
+ source => [ "puppet://$server/modules/site-puppet/master/puppet.conf",
+ "puppet://$server/modules/puppet/master/puppet.conf" ],
+ notify => Service[puppetmaster],
+ }
+ }
+ else {
+ File[puppet_config]{
+ source => [ "puppet://$server/modules/site-puppet/master/puppet.conf",
+ "puppet://$server/modules/puppet/master/puppet.conf" ],
+ notify => [Service[puppet],Service[puppetmaster] ],
+ }
- File[puppet_config]{
- source => [ "puppet://$server/modules/site-puppet/master/puppet.conf",
- "puppet://$server/modules/puppet/master/puppet.conf" ],
- notify => [Service[puppet],Service[puppetmaster] ],
}
$real_puppet_fileserverconfig = $puppet_fileserverconfig ? {
@@ -12,22 +21,25 @@ class puppet::puppetmaster::base inherits puppet::base {
}
file { "$real_puppet_fileserverconfig":
- source => [ "puppet://$server/modules/site-puppet/master/${fqdn}/fileserver.conf",
- "puppet://$server/modules/site-puppet/master/fileserver.conf",
- "puppet://$server/modules/puppet/master/fileserver.conf" ],
- notify => [Service[puppet],Service[puppetmaster] ],
+ source => [ "puppet://$server/modules/site-puppet/master/${fqdn}/fileserver.conf",
+ "puppet://$server/modules/site-puppet/master/fileserver.conf",
+ "puppet://$server/modules/puppet/master/fileserver.conf" ],
+ notify => [Service[puppet],Service[puppetmaster] ],
owner => root, group => puppet, mode => 640;
- }
+ }
if $puppetmaster_storeconfigs {
include puppet::puppetmaster::storeconfigs
}
- # restart the master from time to time to avoid memory problems
- file{'/etc/cron.d/puppetmaster.cron':
- source => [ "puppet://$server/modules/puppet/cron.d/puppetmaster.${operatingsystem}",
- "puppet://$server/modules/puppet/cron.d/puppetmaster" ],
- owner => root, group => 0, mode => 0644;
+
+ if ! defined (puppet::puppetmaster::passenger) {
+ # restart the master from time to time to avoid memory problems
+ file{'/etc/cron.d/puppetmaster.cron':
+ source => [ "puppet://$server/modules/puppet/cron.d/puppetmaster.${operatingsystem}",
+ "puppet://$server/modules/puppet/cron.d/puppetmaster" ],
+ owner => root, group => 0, mode => 0644;
+ }
}
file{'/etc/cron.daily/puppet_reports_cleanup.sh':
diff --git a/manifests/puppetmaster/checklastrun.pp b/manifests/puppetmaster/checklastrun.pp
index 12f1042..fdcc096 100644
--- a/manifests/puppetmaster/checklastrun.pp
+++ b/manifests/puppetmaster/checklastrun.pp
@@ -1,12 +1,13 @@
class puppet::puppetmaster::checklastrun {
- file{'/opt/bin/puppetlast':
+ file{"/usr/local/bin/puppetlast":
source => [ "puppet://$server/modules/site-puppet/master/puppetlast",
"puppet://$server/modules/puppet/master/puppetlast"],
owner => root, group => 0, mode => 0700;
}
file{'/etc/cron.d/puppetlast.cron':
- content => "40 10,22 * * * root /opt/bin/puppetlast\n",
- require => File['/opt/bin/puppetlast'],
- owner => root, group => 0, mode => 0644;
+ content => "40 10,22 * * * root /usr/local/bin/puppetlast\n",
+ require => File["/usr/local/bin/puppetlast"],
+ owner => root, group => 0, mode => 0644,
+ notify => service["crond"];
}
}
diff --git a/manifests/puppetmaster/linux.pp b/manifests/puppetmaster/linux.pp
index 43cd841..2a71dd4 100644
--- a/manifests/puppetmaster/linux.pp
+++ b/manifests/puppetmaster/linux.pp
@@ -1,13 +1,28 @@
# manifests/puppetmaster/linux.pp
class puppet::puppetmaster::linux inherits puppet::linux {
-
- service{'puppetmaster':
- ensure => running,
- enable => true,
- require => [ Package[puppet] ],
+
+ if defined (puppet::puppetmaster::passenger) {
+ service{'puppetmaster':
+ ensure => running,
+ #name => apache2,
+ #enable => true,
+ pattern => 'apache2',
+ hasstatus => true,
+ start => '/etc/init.d/apache2 start',
+ stop => '/etc/init.d/apache2 start',
+ restart => '/etc/init.d/apache2 restart',
+ status => 'pgrep apache2',
+ require => [ Package[puppet] ],
+ }
+ }
+ else {
+ service{'puppetmaster':
+ ensure => running,
+ enable => true,
+ require => [ Package[puppet] ],
+ }
}
-
Service[puppet]{
require +> Service[puppetmaster],
}
diff --git a/manifests/puppetmaster/package.pp b/manifests/puppetmaster/package.pp
index d7c477d..c91dbe8 100644
--- a/manifests/puppetmaster/package.pp
+++ b/manifests/puppetmaster/package.pp
@@ -1,9 +1,14 @@
# manifests/puppetmaster/package.pp
class puppet::puppetmaster::package inherits puppet::puppetmaster::linux {
- package { puppet-server: ensure => present }
+ case $operatingsystem {
+ debian: { $puppetmaster_package="puppetmaster" }
+ default: { $puppetmaster_package="puppet-server" }
+ }
+
+ package { $puppetmaster_package: ensure => present }
Service[puppetmaster]{
- require +> Package[puppet-server],
+ require +> Package[$puppetmaster_package],
}
}
diff --git a/manifests/puppetmaster/passenger.pp b/manifests/puppetmaster/passenger.pp
new file mode 100644
index 0000000..06e2a2b
--- /dev/null
+++ b/manifests/puppetmaster/passenger.pp
@@ -0,0 +1,45 @@
+# class to use passenger for serving puppetmaster
+
+class puppet::puppetmaster::passenger {
+
+ case $operatingsystem {
+ debian: { include puppet::puppetmaster::passenger::debian }
+ defaults: { notice ( "class puppet::puppetmaster::passenger::base needs to be configured for using passenger with non-debian OS !" )
+ include puppet::puppetmaster::passenger::base }
+ }
+}
+
+class puppet::puppetmaster::passenger::debian inherits puppet::puppetmaster::passenger::base {
+ # according to http://github.com/reductivelabs/puppet/tree/master/ext/rack rack needs
+ # to be version >= 1.0.0 . lenny-backports provide it
+ package { "librack-ruby": ensure => "1.0.0-2~bpo50+1" }
+ package { "librack-ruby1.8": ensure => "1.0.0-2~bpo50+1" }
+
+ apache::config::global{ 'puppet-apache2-passenger.conf': }
+ apache::debian::module { 'ssl': ensure => present }
+ apache::debian::module { 'passenger': ensure => present }
+ apache::debian::module { 'headers': ensure => present }
+}
+
+class puppet::puppetmaster::passenger::base {
+
+ include apache
+ include passenger::apache
+
+
+ # http://github.com/reductivelabs/puppet/tree/master/ext/rack
+ file { ["/etc/puppet/rack", "/etc/puppet/rack/public"]:
+ ensure => directory,
+ mode => 0755,
+ owner => root,
+ group => root,
+ }
+ file { "/etc/puppet/rack/config.ru":
+ ensure => present,
+ source => "puppet:///modules/puppet/master/config.ru",
+ mode => 0644,
+ owner => puppet,
+ group => root,
+ }
+}
+
diff --git a/manifests/puppetmaster/storeconfigs.pp b/manifests/puppetmaster/storeconfigs.pp
index 32aaa7f..1b6d759 100644
--- a/manifests/puppetmaster/storeconfigs.pp
+++ b/manifests/puppetmaster/storeconfigs.pp
@@ -2,4 +2,12 @@
# so storeconfigs works.
class puppet::puppetmaster::storeconfigs {
include rails
+ include mysql::server
+
+ case $operatingsystem {
+ debian: { package { libmysql-ruby: ensure => present } }
+
+ }
+
+
}