diff --git a/.project b/.project
new file mode 100644
index 0000000..4a3055d
--- /dev/null
+++ b/.project
@@ -0,0 +1,23 @@
+ + + module-puppet + + + + + + org.eclipse.xtext.ui.shared.xtextBuilder + + + + + org.cloudsmith.geppetto.pp.dsl.ui.modulefileBuilder + + + + + + org.cloudsmith.geppetto.pp.dsl.ui.puppetNature + org.eclipse.xtext.ui.shared.xtextNature + +
diff --git a/Modulefile b/Modulefile
new file mode 100644
index 0000000..33fe73a
--- /dev/null
+++ b/Modulefile
@@ -0,0 +1,12 @@
+name 'do-puppet'
+version '0.1.0'
+source ''
+author 'Udo Waechter'
+license 'GPL'
+summary ''
+description ''
+project_page ''
+
+## Add dependencies, if any:
+# dependency 'username/name', '>= 1.2.0'
+dependency 'puppetlabs/inifile', '>= 1.3.0'
diff --git a/README.markdown b/README.markdown
new file mode 100644
index 0000000..63fc19b
--- /dev/null
+++ b/README.markdown
@@ -0,0 +1,3 @@
+# puppet #
+
+This is the puppet module. It provides...
diff --git a/Rakefile b/Rakefile
new file mode 100644
index 0000000..14f1c24
--- /dev/null
+++ b/Rakefile
@@ -0,0 +1,2 @@
+require 'rubygems'
+require 'puppetlabs_spec_helper/rake_tasks'
diff --git a/manifests/agent.pp b/manifests/agent.pp
new file mode 100644
index 0000000..95c103b
--- /dev/null
+++ b/manifests/agent.pp
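Review bot: The Modulefile declares only `puppetlabs/inifile`, but manifests/init.pp in this commit declares an `apt::pin` resource and manifests/monitored/client.pp uses `sudo::conf` and icinga defines, none of which are listed as dependencies. Each module the manifests rely on should get its own `dependency` line with a minimum version, so that an install resolves a known-compatible release instead of whatever happens to be on the modulepath. The providing module names are not visible in the diff, so the author has to fill them in, along the lines of `dependency '<author>/<apt-module>', '>= <version>'`.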
@@ -0,0 +1,101 @@
+class puppet::agent (
+ $ensure = 'present',
+ $version = undef,
+ $norunifloggedin = false,
+ $daemonize = true,
+ $run_hour = '*/1',
+ $run_minute = '10',
+ $run_if_ipmatch = undef,
+ $puppet_master = undef,
+ $splay = true,
+ $cron = true,
+ $environment = gsub($::domain, '.(bitwig.com)', '')) {
+ case $::kernel {
+ 'Linux' : {
+ $puppetpkgs = ['puppet', 'puppet-common']
+
+ Package {
+ provider => 'apt' }
+
+ if $::lsbdistid != 'Ubuntu' {
+ package { 'ruby-msgpack': ensure => $ensure }
+ }
+ }
+ default : {
+ $puppetpkgs = 'puppet'
+ }
+ }
+
+ $pkg_ens = $ensure ? {
+ 'present' => $::kernel ? {
+ 'Linux' => $version,
+ default => $ensure,
+ },
+ default => $ensure,
+ }
+
+ package { $puppetpkgs:
+ ensure => $pkg_ens,
+ notify => Service['puppet'],
+ }
+
+ service { 'puppet':
+ hasstatus => true,
+ enable => $daemonize,
+ ensure => $daemonize,
+ }
+ $cron_real = $daemonize ? {
+ false => $cron ? {
+ true => 'present',
+ default => 'absent',
+ },
+ true => 'absent',
+ default => $ensure,
+ }
+
+ cron { 'puppetrun':
+ command => '/usr/local/sbin/puppetd_run.sh',
+ user => 'root',
+ minute => $run_minute,
+ hour => $run_hour,
+ ensure => $cron_real,
+ }
+
+ file {
+ '/usr/local/sbin/puppetd_run.sh':
+ content => template('puppet/puppetd_run.sh.erb'),
+ mode => '0700',
+ alias => 'puppetd_run.sh',
+ ensure => $ensure;
+
+ '/var/log/puppet':
+ mode => '0750',
+ owner => 'puppet',
+ group => 'puppet';
+ }
+
+ # #settings
+ if $ensure != 'absent' {
+ Ini_setting {
+ path => '/etc/puppet/puppet.conf',
+ section => 'agent',
+ }
+
+ ini_setting { 'puppet-agent-splay':
+ setting => 'splay',
+ value => $splay;
+ }
+
+ ini_setting { 'puppet-agent-env':
+ setting => 'environment',
+ value => $environment;
+ }
+
+ if $puppet_master != undef {
+ ini_setting { 'puppet-agnt-master':
+ setting => 'server',
+ value => $puppet_master,
+ }
+ }
+ }
+}
diff --git a/manifests/defines/fact_d.pp b/manifests/defines/fact_d.pp
index e442aa4..72ce439 100644
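Review bot: The `file` entry for `/usr/local/sbin/puppetd_run.sh` sets `mode => '0700'` but no owner or group, although the `puppetrun` cron job executes that script as root; adding `owner => 'root',` and `group => 'root',` makes Puppet correct an existing file that belongs to another account instead of leaving it as found. The `'/var/log/puppet'` entry in the same resource has no `ensure => 'directory'`. `$run_if_ipmatch` defaults to `undef` here, while init.pp defaults it to `''` and the script template tests it against `""`, so declaring `puppet::agent` directly probably renders the IP check with an empty pattern; defaulting to `''` in this class would keep the three places consistent.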
--- a/manifests/defines/fact_d.pp +++ b/manifests/defines/fact_d.pp @@ -1,11 +1,11 @@ define puppet::defines::fact_d ($value, $ensure = 'present', $key = false) { - require 'puppet::common' + require 'puppet::facter' $k_real = $key ? { false => $name, default => $key, } - file { "${puppet::common::facts_d}/${k_real}.txt": + file { "${puppet::facter::facts_d}/${k_real}.txt": ensure => $ensure, content => "${k_real}=${value}", } diff --git a/manifests/environment.pp b/manifests/environment.pp new file mode 100644 index 0000000..1bbbadc --- /dev/null +++ b/manifests/environment.pp @@ -0,0 +1,11 @@ +define puppet::environment ( + $ensure = 'present', + $modulepath) { + ini_setting { "puppet-server-environment-${name}": + path => '/etc/puppet/puppet.conf', + section => $name, + setting => 'modulepath', + value => $modulepath, + ensure => $ensure, + } +} \ No newline at end of file diff --git a/manifests/common.pp b/manifests/facter.pp similarity index 78% rename from manifests/common.pp rename to manifests/facter.pp index 2b2afa2..65c2714 100644 --- a/manifests/common.pp +++ b/manifests/facter.pp @@ -1,20 +1,22 @@ -class puppet::common ( +class puppet::facter ( $ensure = 'present') { - $pkg_ens = $ensure ? { + + $pkg_ens = $ensure ? { 'present' => 'latest', default => $ensure, } - package { 'facter': ensure => 'latest' } + package { 'facter': ensure => $pkg_ens } - package { 'libaugeas-ruby': } $ens_dir = $ensure ? { - 'present' => 'directory', - default => $ensure, + 'absent' => 'absent', + default => 'directory', } $facts_d = '/etc/facter/facts.d' + File['/etc/facter'] -> File[$facts_d] + $pv_dir = $::puppet_vardir ? { '' => '/var/lib/puppet', default => $::puppet_vardir diff --git a/manifests/init.pp b/manifests/init.pp index 5a7994c..453701f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp 
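Review bot: In the new `puppet::environment` define, `section => $name` writes `modulepath` into whatever section the resource title names, so a title of `main`, `master` or `agent` would silently change that section's module path instead of defining an environment. A guard at the top of the define, for example `if $name in ['main', 'master', 'agent'] { fail("reserved section name: ${name}") }`, would reject those titles. The required parameter `$modulepath` is also listed after the optional `$ensure`, and the define has no header comment saying what form `$modulepath` is expected to take.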
@@ -1,148 +1,70 @@ -import 'defines/*.pp' - class puppet ( - $ensure = 'present', - $norunifloggedin = false, - $daemonize = true, - $run_hour = '*/1', - $run_minute = '10', - $run_if_ipmatch = '', - $maxsleep = '3200' -) { - $puppet_service = $::kernel ? { - 'Darwin' => 'org.macports.puppet', - 'FreeBSD' => 'puppetd', - default => 'puppet' - } - $factpath = '/var/lib/puppet/lib/facter' - - require 'puppet::common' - - if !defined(Class['puppet::puppetlabs_apt']) { - require 'puppet::puppetlabs_apt' + $ensure = 'present', + $version = undef, + $agent = true, + $server = false, + $facter_version = $ensure, + $agent_cron = true, + $puppetlabs_apt = true, + $agent_norunifloggedin = false, + $agent_daemonize = true, + $agent_run_hour = '*/1', + $agent_run_minute = '10', + $agent_run_if_ipmatch = '', + $agent_splay = true, + $server_dns_alt_names = undef, + $server_storeconfigs = false, + $server_storeconfigs_backend = undef, + $server_basemodulepath = undef, + $server_reports = 'store', + $server_passenger = true) { + if $puppetlabs_apt { + class { 'puppet::puppetlabs_apt': before => Class['puppet::facter'] } } -# @@puppet::puppetmaster::privatedir { $fqdn: l_fqdn => generate('/usr/bin/env', 'perl', '-e', '$_=shift;tr/[A-Z]/[a-z]/;print $_', -# "$fqdn") } - - case $::kernel { - 'Linux' : { - $puppetpkgs = ['puppet', 'puppet-common'] - - Package { - provider => 'apt' } - if $::lsbdistcodename != 'squeeze' { - package{'ruby-msgpack': ensure => $ensure} - - } - } - default : { - $puppetpkgs = 'puppet' + if $version != undef { + apt::pin { 'puppet': + version => $version, + packages => 'puppet*', + priority => '100', } } - $puppet_linuxversion_real = $::PUPPET_VERSION_LINUX ? { - '' => 'latest', - default => $::PUPPET_VERSION_LINUX, + + class { 'puppet::facter': + ensure => $facter_version, } - $pkg_ens = $ensure ? { - 'present' => $::kernel ? 
{ - 'Linux' => $puppet_linuxversion_real, - default => $ensure, - }, - default => $ensure, - } - package { $puppetpkgs: - ensure => $pkg_ens, - notify => Service[$puppet_service], + ini_setting { 'puppet-templatedir': + path => '/etc/puppet/puppet.conf', + section => 'main', + setting => 'templatedir', + value => '$confidr/templates', + ensure => 'absent'; } - service { $puppet_service: - hasstatus => true, - enable => $daemonize, - ensure => $daemonize, - } - $cron_real = $daemonize ? { - false => 'present', - true => 'absent', - default => $ensure, + if $agent { + class { 'puppet::agent': + ensure => $ensure, + version => $version, + norunifloggedin => $agent_norunifloggedin, + daemonize => $agent_daemonize, + run_hour => $agent_run_hour, + run_if_ipmatch => $agent_run_if_ipmatch, + splay => $agent_splay, + cron => $agent_cron, + } } - cron { 'puppetrun': - command => '/usr/local/sbin/puppetd_run.sh', - user => 'root', - minute => $run_minute, - hour => $run_hour, - ensure => $cron_real, + if $server { + class { 'puppet::server': + ensure => $ensure, + version => $version, + dns_alt_names => $server_dns_alt_names, + storeconfigs => $server_storeconfigs, + storeconfigs_backend => $server_storeconfigs_backend, + reports => $server_reports, + basemodulepath => $server_basemodulepath, + passenger => $server_passenger; + } } - - file { '/usr/local/sbin/puppetd_run.sh': - content => template('puppet/puppetd_run.sh.erb'), - mode => '0700', - alias => 'puppetd_run.sh', - ensure => $ensure; - '/var/log/puppet': - mode => '0750',owner => 'puppet',group => 'puppet'; } - - case $::kernel { - 'Darwin' : { - file { '/Library/LaunchDaemons/org.macports.puppet.plist': - source => 'puppet:///modules/puppet/org.macports.puppet.plist', - before => Service[$puppet_service], - } - } - 'Linux' : { -# replace { 'enable_puppet': -# file => '/etc/default/puppet', -# pattern => 'START=no', -# replacement => 'START=yes', -# before => Service[$puppet_service], -# } - - if 
defined(Class['monit']) { - monit::process { 'puppet': - start => '/etc/init.d/puppet start', - stop => '/etc/init.d/puppet stop', - pidfile => '/var/run/puppet/agent.pid', - additional => 'if totalmem > 400 Mb for 10 cycles then RESTART', - ensure => $daemonize ? { - true => 'present', - default => 'absent', - }, - } - } - - if defined(Class['ganglia::monitor']) { - Ganglia::Gmetric::Cron { - source => 'puppet/ganglia', - ensure => $ensure, - } - - ganglia::gmetric::cron { 'puppetd_lastrun.sh': runwhen => '5'; 'puppetd_runtime.sh': runwhen => '15'; } - - } - } - } - $puppet_user = $operatingsystem ? { - 'Darwin' => $adm, - default => 'puppet', - } - $puppet_group = $operatingsystem ? { - 'Darwin' => 'wheel', - default => 'puppet', - } - # 'FreeBSD' => '/usr/local/etc/puppet/puppet.conf', - $puppetconf = $operatingsystem ? { - default => '/etc/puppet/puppet.conf', - } - - file { $puppetconf: - ensure => $ensure, - content => template('puppet/puppet.conf.erb'), - mode => '0644', - owner => $puppet_user, -# require => [ Package["puppet"] ], - } - - } diff --git a/manifests/monitored/client.pp b/manifests/monitored/client.pp new file mode 100644 index 0000000..661fd34 --- /dev/null +++ b/manifests/monitored/client.pp @@ -0,0 +1,20 @@ +class puppet::monitored::client ( + $ensure = 'present') { + $check = '/usr/lib/nagios/plugins/check_file_age -w10800 -c36000 -f/var/lib/puppet/state/last_run_summary.yaml' + + icinga::object::hostgroupmember { 'puppet-clients': ensure => 'absent', } + + sudo::conf { 'puppet-clients-icinga-sudo': + content => "nagios ALL=NOPASSWD: ${check}", + ensure => $ensure, + } + + massive_passive::icinga::service { 'Puppet last run': + freshness_threshold => '5800', + command => "/usr/bin/sudo ${check}", + use => 'workhours-passive-service', + hostgroup_name => 'linux-servers', + notifications_enabled => 1, + ensure => $ensure, + } +} \ No newline at end of file 
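Review bot: `$agent_run_minute` is declared as a parameter of class `puppet` but is not forwarded in the `class { 'puppet::agent': ... }` declaration, so the cron minute always stays at `puppet::agent`'s own default; add `run_minute => $agent_run_minute,` next to `run_hour`. The `apt::pin` uses `priority => '100'`, which is below apt's default priority of 500 for repository candidates, so the pin is unlikely to hold the packages at `$version` once a newer build appears in a configured repository; a priority above the default, or a comment explaining why 100 is intended, would make the version constraint dependable. `'$confidr/templates'` looks like a typo for `$confdir`, and is harmless only because that setting is `ensure => 'absent'`.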
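Review bot: The sudoers entry `nagios ALL=NOPASSWD: ${check}` in `puppet::monitored::client` has no Runas specification, so the file-age check runs as root although it only needs to stat `last_run_summary.yaml`. If the puppet account can read that file on the monitored hosts, `nagios ALL=(puppet) NOPASSWD: ${check}` together with `/usr/bin/sudo -u puppet ${check}` in `command` limits the grant to what the check needs; the file's ownership is not visible in the diff, so this needs confirming. Spelling out the full argument list in the rule, as done here, is worth keeping because it stops the nagios user from passing other options to the plugin. The `hostgroupmember` is fixed at `ensure => 'absent'` regardless of `$ensure`, which deserves a one-line comment if it is cleanup of an old object.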
diff --git a/manifests/puppet-dashboard.pp b/manifests/puppet-dashboard.pp index c07a661..fc01c44 100644 --- a/manifests/puppet-dashboard.pp +++ b/manifests/puppet-dashboard.pp @@ -1,5 +1,5 @@ class puppet::puppet-dashboard ($ensure = 'present') { - require 'puppet::common' + require 'puppet::facter' package { ['libjson-ruby', 'puppet-dashboard']: ensure => $ensure, diff --git a/manifests/puppetmaster.pp b/manifests/puppetmaster.pp deleted file mode 100644 index 48b8bcc..0000000 --- a/manifests/puppetmaster.pp +++ /dev/null @@ -1,52 +0,0 @@ -class puppet::puppetmaster ($ensure = 'present', $puppetqd = false) { - require 'puppet::common' - - if !defined(Class['puppet::puppetlabs_apt']) { - class { 'puppet::puppetlabs_apt': } - require 'puppet::puppetlabs_apt' - } - - if $puppetqd { - class { 'activemq': ensure => $ensure } - - package { 'libnet-arp-perl': ensure => $ensure } - - service { 'stompserver': - ensure => false, - enable => false, - before => Class['activemq'], - } - - service { 'puppetqd': - ensure => running, - pattern => 'puppet queue queue', - enable => true, - } - } - - if defined(Class['ganglia::monitor']) { - Ganglia::Gmetric::Cron { - source => 'puppet/ganglia', - ensure => $ensure, - } - - ganglia::gmetric::cron { - 'puppetmaster.rb': - runwhen => '5'; - - 'puppetmaster_compiletime.rb': - runwhen => '60', - } - } - - # ## remove disk reports from time to time - tidy { "${::puppet_vardir}/reports": - age => '1d', - recurse => true, - backup => false, - } - - # create [private] directories - # file { $puppet_privdir: ensure => directory } - # Puppet::Puppetmaster::Privatedir <<| |>> -} diff --git a/manifests/server.pp b/manifests/server.pp new file mode 100644 index 0000000..d6c3861 --- /dev/null +++ b/manifests/server.pp 
@@ -0,0 +1,73 @@
+class puppet::server (
+ $ensure = 'present',
+ $dns_alt_names = undef,
+ $storeconfigs = false,
+ $storeconfigs_backend = undef,
+ $reports = undef,
+ $basemodulepath = undef,
+ $version = undef,
+ $passenger = true) {
+ if $passenger == true {
+ $pkg = 'puppetmaster-passenger'
+ } else {
+ $pkg = 'puppetmaster'
+ }
+ $pkg_ens = $ensure ? {
+ 'present' => $::kernel ? {
+ 'Linux' => $version,
+ default => $ensure,
+ },
+ default => $ensure,
+ }
+
+ package { ['puppetmaster-common', $pkg]: ensure => $pkg_ens, }
+
+ # ## remove disk reports from time to time
+ tidy { "${::puppet_vardir}/reports":
+ age => '4w',
+ recurse => true,
+ backup => false,
+ }
+
+ Ini_setting {
+ path => '/etc/puppet/puppet.conf',
+ section => 'master',
+ }
+
+ $dns_pres = $dns_alt_names ? {
+ undef => 'absent',
+ default => 'present',
+ }
+
+ ini_setting { 'puppet-server-dns_alt_names':
+ ensure => $dns_pres,
+ setting => 'dns_alt_names',
+ value => $dns_alt_names;
+ }
+
+ $mpath_pres = $basemodulepath ? {
+ undef => 'absent',
+ default => 'present',
+ }
+
+ ini_setting { 'puppet-server-basemodulepath':
+ ensure => $mpath_pres,
+ setting => 'basemodulepath',
+ value => $basemodulepath;
+ }
+
+ ini_setting {
+ 'puppet-server-storeconfigs':
+ setting => 'storeconfigs',
+ value => $storeconfigs;
+
+ 'puppet-server-storeconfigs_backend':
+ setting => 'storeconfigs_backend',
+ value => $storeconfigs_backend;
+
+ 'puppet-server-reports':
+ setting => 'reports',
+ value => $reports;
+ }
+
+}
diff --git a/metadata.json b/metadata.json
new file mode 100644
index 0000000..0967ef4
--- /dev/null
+++ b/metadata.json
@@ -0,0 +1 @@
+{}
diff --git a/spec/spec.opts b/spec/spec.opts
new file mode 100644
index 0000000..91cd642
--- /dev/null
+++ b/spec/spec.opts
@@ -0,0 +1,6 @@
+--format
+s
+--colour
+--loadby
+mtime
+--backtrace
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
new file mode 100644
index 0000000..dc7e9f4
--- /dev/null
+++ b/spec/spec_helper.rb
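Review bot: In `puppet::server`, `puppet-server-storeconfigs_backend` and `puppet-server-reports` are declared with `value => $storeconfigs_backend` and `value => $reports`, both of which default to `undef`, whereas `dns_alt_names` and `basemodulepath` get an explicit `ensure => 'absent'` for that case; the same `$x ? { undef => 'absent', default => 'present' }` selector should drive `ensure` for these two settings as well. Separately, the tidy path `"${::puppet_vardir}/reports"` resolves to `/reports` when the fact is empty, a case manifests/facter.pp already handles by falling back to `/var/lib/puppet`; reusing that fallback here keeps the recursive cleanup inside Puppet's own directory. The retention also changes from `1d` in the deleted puppetmaster class to `4w`, which is worth a comment since it decides how far back run reports are available.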
@@ -0,0 +1,2 @@ +require 'rubygems' +require 'puppetlabs_spec_helper/module_spec_helper' diff --git a/templates/puppet.conf.erb b/templates/puppet.conf.erb index a3b57db..5343a43 100644 --- a/templates/puppet.conf.erb +++ b/templates/puppet.conf.erb @@ -22,18 +22,26 @@ dbname=<%= scope.lookupvar('puppetmaster_dbname') %> dbserver=<%= scope.lookupvar('puppetmaster_dbhost') %> dbuser=<%= scope.lookupvar('puppetmaster_dbuser') %> dbpassword=<%= scope.lookupvar('puppetmaster_dbpassword') %> +hiera_config=/etc/puppet/hiera.yaml +<% end -%> +<% if server == "true" -%> [master] ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY -reports=<%= scope.lookupvar('puppetmaster_reports') %> -<% if scope.lookupvar('puppetmaster_reporturl') != false -%> -reporturl=<%= scope.lookupvar('puppetmaster_reporturl') %> +<% if scope['puppet::dns_alt_names'] -%> +dns_alt_names=<%= scope['puppet::dns_alt_names'] %> +<% end -%> +<% if scope['puppet::reports'] -%> +reports=<%= scope['puppet::reports'] %> <% end -%> -modulepath=<%= scope.lookupvar('puppetmaster_modulepath') %> -storeconfigs=true -rails_loglevel=info +basemodulepath=<%= scope['puppet::basemodulepath'] %> +storeconfigs=<%= scope['puppet::storeconfigs'] %> +<% if scope['puppet::storeconfigs_backend'] -%> +storeconfigs_backend=<%= scope['puppet::storeconfigs_backend'] %> <% end -%> +<% end -%> +hiera_config=/etc/puppet/hiera.yaml [agent] # Make sure all log messages are sent to the right directory @@ -43,3 +51,4 @@ splay=true report=true server=<%= scope.lookupvar("puppetmaster_server") %> configtimeout=720 +environment=<%= @environment %> diff --git a/templates/puppetd_run.sh.erb b/templates/puppetd_run.sh.erb index 84084cb..15b1057 100755 --- a/templates/puppetd_run.sh.erb +++ b/templates/puppetd_run.sh.erb 
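Review bot: In templates/puppet.conf.erb, `<% if server == "true" -%>` compares a bare `server` variable with the string "true", while init.pp declares `$server` as a boolean (default `false`), so the `[master]` block is probably never rendered; `<% if @server -%>` would match the parameter's type and avoid the bare-variable lookup. The lookups `scope['puppet::dns_alt_names']`, `scope['puppet::reports']`, `scope['puppet::basemodulepath']` and the two storeconfigs ones do not correspond to any parameter of class `puppet` in this commit, which names them `server_dns_alt_names`, `server_reports` and so on. Because the same commit removes the `file { $puppetconf: ... }` resource that rendered this template, a header comment stating whether the template is still in use would save the next reader from maintaining dead configuration.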
@@ -1,22 +1,21 @@ #!/usr/bin/env bash -# $Id: puppetd_run.sh.erb 4177 2011-04-05 08:02:08Z uwaechte $ # a wrapper script, to run puppetd after a random time # this will be called by cron at the same time on each client, # but should not call the master at the same time as the others. -<% if norunifloggedin == true -%> +<% if @norunifloggedin == true -%> # not running if users are logged in [[ $(who|wc -l) -gt 0 ]] && exit 0 <% end -%> -export FACTERLIB="<%= scope.lookupvar("factpath") %>" +#export FACTERLIB="<%= scope.lookupvar("factpath") %>" PATH="/opt/local/bin:/opt/local/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" PUPPET=$(which puppet) [[ -e ${PUPPET} ]] || exit 1 PUPPET="${PUPPET}" -<% if run_if_ipmatch != "" -%> -ISUNIIP=$(ifconfig |grep -c -e "<%= run_if_ipmatch %>") +<% if @run_if_ipmatch != "" -%> +ISUNIIP=$(ifconfig |grep -c -e "<%= @run_if_ipmatch %>") <% else -%> ISUNIIP=1 <% end -%> @@ -54,7 +53,7 @@ if [ ${ISUNIIP} -gt 0 ]; then fi fi - MAXSLEEP=<%= maxsleep %> #How many seconds to wait maximally + #MAXSLEEP=<%= @maxsleep %> #How many seconds to wait maximally SLEEP=${RANDOM} I=${RANDOM} @@ -64,7 +63,7 @@ if [ ${ISUNIIP} -gt 0 ]; then SLEEP=${RANDOM} done # wait maximally $MAXSLEEP seconds - sleep $(expr ${SLEEP} % ${MAXSLEEP}) + #sleep $(expr ${SLEEP} % ${MAXSLEEP}) # run puppetd nice -n 12 $PUPPET agent -t 2&>>/var/log/puppet/puppetd_run.log fi diff --git a/tests/init.pp b/tests/init.pp new file mode 100644 index 0000000..52691f5 --- /dev/null +++ b/tests/init.pp @@ -0,0 +1 @@ +include puppet
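Review bot: `<%= @run_if_ipmatch %>` is emitted unescaped inside a double-quoted shell string in a script that cron runs as root, so a parameter value containing a double quote, `$( )` or backticks changes the command line instead of the grep pattern. Constrain the parameter in manifests/agent.pp before the template is rendered (fail unless it matches an anchored pattern of the characters an address fragment needs), or emit it single-quoted with embedded quotes escaped. The test `<% if @run_if_ipmatch != "" -%>` also treats an undef value as set, which yields `grep -c -e ""` and therefore a check that always passes. In the last hunk the `sleep` is commented out while the loop that computes `SLEEP` stays, leaving dead code and removing the per-host delay the header comment still describes.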