diff options
| -rw-r--r-- | manifests/init.pp | 3 | ||||
| -rw-r--r-- | manifests/puppetmaster.pp | 96 | ||||
| -rw-r--r-- | manifests/puppetmaster/base.pp | 37 | ||||
| -rw-r--r-- | manifests/puppetmaster/cluster.pp | 8 | ||||
| -rw-r--r-- | manifests/puppetmaster/cluster/base.pp | 8 | ||||
| -rw-r--r-- | manifests/puppetmaster/hasdb.pp | 19 | ||||
| -rw-r--r-- | manifests/puppetmaster/hasdb/mysql.pp | 31 | ||||
| -rw-r--r-- | manifests/puppetmaster/storeconfigs.pp (renamed from manifests/storeconfigs.pp) | 0 |
8 files changed, 101 insertions, 101 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index e4e3da7..6ad8504 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -32,4 +32,7 @@ class puppet { default: { include puppet::base } } + if $use_shorewall { + include shorewall::rules::out::puppet + } } diff --git a/manifests/puppetmaster.pp b/manifests/puppetmaster.pp index a210c85..37d59b5 100644 --- a/manifests/puppetmaster.pp +++ b/manifests/puppetmaster.pp @@ -1,7 +1,4 @@ # manifests/puppetmaster.pp - -import "storeconfigs.pp" - class puppet::puppetmaster inherits puppet { case $operatingsystem { debian: { include puppet::puppetmaster::package } @@ -15,95 +12,8 @@ class puppet::puppetmaster inherits puppet { include puppet::puppetmaster::base include puppet::puppetmaster::checklastrun -} - -class puppet::puppetmaster::base inherits puppet::base { - - File[puppet_config]{ - source => [ "puppet://$server/files/puppet/master/puppet.conf", - "puppet://$server/puppet/master/puppet.conf" ], - notify => [Service[puppet],Service[puppetmaster] ], - } - - $real_puppet_fileserverconfig = $puppet_fileserverconfig ? { - '' => "/etc/puppet/fileserver.conf", - default => $puppet_fileserverconfig, - } - - file { "$real_puppet_fileserverconfig": - source => [ "puppet://$server/files/puppet/master/${fqdn}/fileserver.conf", - "puppet://$server/files/puppet/master/fileserver.conf", - "puppet://$server/puppet/master/fileserver.conf" ], - notify => [Service[puppet],Service[puppetmaster] ], - owner => root, group => 0, mode => 600; - } - - if $puppetmaster_storeconfigs { - include puppet::puppetmaster::storeconfigs - } - - # restart the master from time to time to avoid memory problems - file{'/etc/cron.d/puppetmaster.cron': - source => [ "puppet://$server/puppet/cron.d/puppetmaster.${operatingsystem}", - "puppet://$server/puppet/cron.d/puppetmaster" ], - owner => root, group => 0, mode => 0644; - } - - file{'/etc/cron.daily/puppet_reports_cleanup.sh': - content => "#!/bin/bash\nfind /var/log/puppet/reports/ -maxdepth 2 -type f -ctime +30 -exec rm {} \\;\n", - owner => root, group => 0, mode => 0700; - } -} - - -define puppet::puppetmaster::hasdb( - $dbtype = 'mysql', - $dbname = 'puppet', - $dbhost = 'localhost', - # this is needed due to the collection of the databases - $dbhostfqdn = "${fqdn}", - $dbuser = 'puppet', - $dbpwd = $puppet_storeconfig_password, - $dbconnectinghost = 'locahost' -){ - - case $puppet_storeconfig_password { - '': { fail("No \$puppet_storeconfig_password is set, please set it in your manifests or site.pp to add a password") } - } - - case $dbtype { - 'mysql': { puppet::puppetmaster::hasdb::mysql{$name: dbname => $dbname, dbhost => $dbhost, dbuser => $dbuser, dbpwd => $dbpwd, } } - } -} -# don't use this define use the general interface -define puppet::puppetmaster::hasdb::mysql( - $dbname = 'puppet', - $dbhost = 'localhost', - $dbhostfqdn = "${fqdn}", - $dbuser = 'puppet', - $dbpwd, - $dbconnectinghost = 'localhost' -){ - @@mysql_database{$dbname: - tag => "mysql_${dbhostfqdn}", - } - - @@mysql_user{"${dbuser}@${dbconnectinghost}": - password_hash => mysql_password("$dbpwd"), - require => Mysql_database[$dbname], - tag => "mysql_${dbhostfqdn}", - } - - - @@mysql_grant{"${dbuser}@${dbconnectinghost}/${dbname}": - privileges => all, - require => Mysql_user["${dbuser}@${dbconnectinghost}"], - tag => "mysql_${dbhostfqdn}", - } - - munin::plugin::deploy{'puppetresources': - source => "puppet/munin/puppetresources.mysql", - config => "env.mysqlopts --user=$dbuser --password=$dbpwd -h $dbhost\nenv.puppetdb $dbname", - } + if $use_shorewall { + include shorewall::rules::puppet::master + } } diff --git a/manifests/puppetmaster/base.pp b/manifests/puppetmaster/base.pp new file mode 100644 index 0000000..9d32fc4 --- /dev/null +++ b/manifests/puppetmaster/base.pp @@ -0,0 +1,37 @@ +class puppet::puppetmaster::base inherits puppet::base { + + File[puppet_config]{ + source => [ "puppet://$server/files/puppet/master/puppet.conf", + "puppet://$server/puppet/master/puppet.conf" ], + notify => [Service[puppet],Service[puppetmaster] ], + } + + $real_puppet_fileserverconfig = $puppet_fileserverconfig ? { + '' => "/etc/puppet/fileserver.conf", + default => $puppet_fileserverconfig, + } + + file { "$real_puppet_fileserverconfig": + source => [ "puppet://$server/files/puppet/master/${fqdn}/fileserver.conf", + "puppet://$server/files/puppet/master/fileserver.conf", + "puppet://$server/puppet/master/fileserver.conf" ], + notify => [Service[puppet],Service[puppetmaster] ], + owner => root, group => 0, mode => 600; + } + + if $puppetmaster_storeconfigs { + include puppet::puppetmaster::storeconfigs + } + + # restart the master from time to time to avoid memory problems + file{'/etc/cron.d/puppetmaster.cron': + source => [ "puppet://$server/puppet/cron.d/puppetmaster.${operatingsystem}", + "puppet://$server/puppet/cron.d/puppetmaster" ], + owner => root, group => 0, mode => 0644; + } + + file{'/etc/cron.daily/puppet_reports_cleanup.sh': + content => "#!/bin/bash\nfind /var/log/puppet/reports/ -maxdepth 2 -type f -ctime +30 -exec rm {} \\;\n", + owner => root, group => 0, mode => 0700; + } +} diff --git a/manifests/puppetmaster/cluster.pp b/manifests/puppetmaster/cluster.pp index cfa3fc0..2242ba7 100644 --- a/manifests/puppetmaster/cluster.pp +++ b/manifests/puppetmaster/cluster.pp @@ -3,11 +3,3 @@ class puppet::puppetmaster::cluster inherits puppet::puppetmaster { include puppet::puppetmaster::cluster::base } - -class puppet::puppetmaster::cluster::base inherits puppet::puppetmaster::base { - include mongrel, nginx - - File[puppet_config] { - require +> [ Package[mongrel], Package[nginx], File[nginx_config] ], - } -} diff --git a/manifests/puppetmaster/cluster/base.pp b/manifests/puppetmaster/cluster/base.pp new file mode 100644 index 0000000..759b0d2 --- /dev/null +++ b/manifests/puppetmaster/cluster/base.pp @@ -0,0 +1,8 @@ +class puppet::puppetmaster::cluster::base inherits puppet::puppetmaster::base { + include mongrel, nginx + + File[puppet_config] { + require +> [ Package[mongrel], Package[nginx], File[nginx_config] ], + } +} + diff --git a/manifests/puppetmaster/hasdb.pp b/manifests/puppetmaster/hasdb.pp new file mode 100644 index 0000000..82bbe47 --- /dev/null +++ b/manifests/puppetmaster/hasdb.pp @@ -0,0 +1,19 @@ +define puppet::puppetmaster::hasdb( + $dbtype = 'mysql', + $dbname = 'puppet', + $dbhost = 'localhost', + # this is needed due to the collection of the databases + $dbhostfqdn = "${fqdn}", + $dbuser = 'puppet', + $dbpwd = $puppet_storeconfig_password, + $dbconnectinghost = 'locahost' +){ + + case $puppet_storeconfig_password { + '': { fail("No \$puppet_storeconfig_password is set, please set it in your manifests or site.pp to add a password") } + } + + case $dbtype { + 'mysql': { puppet::puppetmaster::hasdb::mysql{$name: dbname => $dbname, dbhost => $dbhost, dbuser => $dbuser, dbpwd => $dbpwd, } } + } +} diff --git a/manifests/puppetmaster/hasdb/mysql.pp b/manifests/puppetmaster/hasdb/mysql.pp new file mode 100644 index 0000000..51fd776 --- /dev/null +++ b/manifests/puppetmaster/hasdb/mysql.pp @@ -0,0 +1,31 @@ +# don't use this define use the general interface +define puppet::puppetmaster::hasdb::mysql( + $dbname = 'puppet', + $dbhost = 'localhost', + $dbhostfqdn = "${fqdn}", + $dbuser = 'puppet', + $dbpwd, + $dbconnectinghost = 'localhost' +){ + @@mysql_database{$dbname: + tag => "mysql_${dbhostfqdn}", + } + + @@mysql_user{"${dbuser}@${dbconnectinghost}": + password_hash => mysql_password("$dbpwd"), + require => Mysql_database[$dbname], + tag => "mysql_${dbhostfqdn}", + } + + + @@mysql_grant{"${dbuser}@${dbconnectinghost}/${dbname}": + privileges => all, + require => Mysql_user["${dbuser}@${dbconnectinghost}"], + tag => "mysql_${dbhostfqdn}", + } + + munin::plugin::deploy{'puppetresources': + source => "puppet/munin/puppetresources.mysql", + config => "env.mysqlopts --user=$dbuser --password=$dbpwd -h $dbhost\nenv.puppetdb $dbname", + } +} diff --git a/manifests/storeconfigs.pp b/manifests/puppetmaster/storeconfigs.pp index 32aaa7f..32aaa7f 100644 --- a/manifests/storeconfigs.pp +++ b/manifests/puppetmaster/storeconfigs.pp |