From 150d5b97a9a668b89f55ec404867b60fd789e5ea Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Sun, 19 May 2024 17:23:00 +1000 Subject: [PATCH 1/4] feat: cleanup excessive comments --- site/profiles/manifests/yum/base.pp | 26 ----------------- site/profiles/manifests/yum/epel.pp | 23 --------------- site/profiles/manifests/yum/global.pp | 39 +------------------------- site/profiles/manifests/yum/puppet7.pp | 27 ------------------ 4 files changed, 1 insertion(+), 114 deletions(-) diff --git a/site/profiles/manifests/yum/base.pp b/site/profiles/manifests/yum/base.pp index df86cd0..47eb2b9 100644 --- a/site/profiles/manifests/yum/base.pp +++ b/site/profiles/manifests/yum/base.pp @@ -2,32 +2,6 @@ # # This class manages the 'base', extras' and 'appstream' yum # repositories for a system, based on the provided list of managed repositories. -# -# Parameters: -# ----------- -# - $managed_repos: An array containing the names of the repositories to be -# managed. This can include 'base', 'extras', -# and 'appstream'. -# -# - $baseurl: The base URL for the yum repositories. This should be the root -# URL of your yum mirror server. -# -# Actions: -# -------- -# - Sets up the 'base', extras', and 'appstream' yum repositories -# as specified in the $managed_repos parameter, all using the provided baseurl. -# -# - Each repo configuration includes the baseurl parameterized with the OS -# release version and architecture, and specifies the GPG key. -# -# Example usage: -# -------------- -# To use this class with the default parameters: -# class { 'profiles::yum::base': -# managed_repos => ['base', 'extras', 'appstream'], -# baseurl => 'http://mylocalmirror.com/yum', -# } -# class profiles::yum::base ( Array[String] $managed_repos, String $baseurl, diff --git a/site/profiles/manifests/yum/epel.pp b/site/profiles/manifests/yum/epel.pp index 575e099..b6c9f43 100644 --- a/site/profiles/manifests/yum/epel.pp +++ b/site/profiles/manifests/yum/epel.pp @@ -1,29 +1,6 @@ # Class: profiles::yum::epel # # This class manages the EPEL yum repository for the system. -# -# Parameters: -# ----------- -# - $baseurl: The base URL for the EPEL yum repository. This should be the root -# URL of your EPEL mirror server. -# -# Actions: -# -------- -# - Checks the OS release version. -# -# - If the release version is 7, 8, or 9, it sets up the 'epel' yum repository -# -# - If the release version is not supported, it raises an error. -# -# Example usage: -# -------------- -# To use this class with the default parameters: -# include profiles::yum::epel -# -# To specify a custom base URL: -# class { 'profiles::yum::epel': -# baseurl => 'http://mylocalmirror.com/yum', -# } class profiles::yum::epel ( Array[String] $managed_repos, String $baseurl, diff --git a/site/profiles/manifests/yum/global.pp b/site/profiles/manifests/yum/global.pp index 44c393c..6aaf807 100644 --- a/site/profiles/manifests/yum/global.pp +++ b/site/profiles/manifests/yum/global.pp @@ -1,45 +1,8 @@ # Class: profiles::yum::global # # This class manages global YUM configurations and optionally includes the -# base and EPEL yum repository profiles based on the content of the +# base and EPEL yum repository profiles based on the content of the # $managed_repos parameter, which is an array of repository names. -# -# Parameters: -# ----------- -# - $managed_repos: An array of repository names that the Puppet agent should -# manage. This parameter is mandatory and the class will -# fail if it is not provided via hieradata. -# Example: ['base', 'updates', 'extras', 'appstream'] -# -# Actions: -# -------- -# - Configures global YUM settings, including keeping the kernel development -# packages and cleaning old kernels. -# -# - Establishes default parameters for any YUM repositories managed by Puppet. -# This includes the repository file location, the repository description, -# and enabling the repository and GPG checks. -# -# - Depending on the content of the $managed_repos parameter, it includes the -# profiles::yum::base and/or profiles::yum::epel classes. -# -# - Manages all .repo files under /etc/yum.repos.d. All the repositories listed -# in $managed_repos will have their corresponding .repo files preserved. Any -# .repo file that is not listed in $managed_repos will be removed. -# -# - Creates and maintains a /etc/yum.repos.d/.managed file that lists all the -# .repo files that should be managed by Puppet. -# -# Example usage: -# -------------- -# To use this class, include the class and configure hieradata: -# include profiles::yum::global -# -# profiles::yum::managed_repos: -# - 'base' -# - 'extras' -# - 'appstream' -# class profiles::yum::global ( Array[String] $managed_repos, Boolean $purge = true, diff --git a/site/profiles/manifests/yum/puppet7.pp b/site/profiles/manifests/yum/puppet7.pp index 1d6c802..ffcbbf4 100644 --- a/site/profiles/manifests/yum/puppet7.pp +++ b/site/profiles/manifests/yum/puppet7.pp @@ -1,33 +1,6 @@ # Class: profiles::yum::epel # # This class manages the puppet7 yum repository for the system. -# -# Parameters: -# ----------- -# - $baseurl: The base URL for the puppet7 yum repository. This should be the root -# URL of your puppet7 mirror server. -# -# Actions: -# -------- -# - Checks the OS release version. -# -# - If the release version is 7, 8, or 9, it sets up the 'puppet7' yum repository -# and installs the puppet7 release RPM from the provided baseurl. -# -# - If the release version is not supported, it raises an error. -# -# - The repo configuration includes the baseurl parameterized with the OS -# release version and architecture, and specifies the GPG key. -# -# Example usage: -# -------------- -# To use this class with the default parameters: -# include profiles::yum::puppet7 -# -# To specify a custom base URL: -# class { 'profiles::yum::puppet7': -# baseurl => 'http://mylocalmirror.com/yum', -# } class profiles::yum::puppet7 ( Array[String] $managed_repos, String $baseurl = 'http://repos.main.unkin.net/puppet7', From da2e98ed4d54d9c459ccea99b225e4a7ef6d0a5e Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Sun, 19 May 2024 18:53:48 +1000 Subject: [PATCH 2/4] feat: add centos mirror to edgecache - add centos repo to edgecache --- hieradata/roles/infra/storage/edgecache.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/hieradata/roles/infra/storage/edgecache.yaml b/hieradata/roles/infra/storage/edgecache.yaml index 67e6b28..5af178a 100644 --- a/hieradata/roles/infra/storage/edgecache.yaml +++ b/hieradata/roles/infra/storage/edgecache.yaml @@ -33,6 +33,7 @@ profiles::edgecache::params::nginx_aliases: profiles::edgecache::params::directories: /data/edgecache: { owner: root, group: root } /data/edgecache/pub: { owner: nginx, group: nginx } + /data/edgecache/pub/centos: { owner: nginx, group: nginx } /data/edgecache/pub/almalinux: { owner: nginx, group: nginx } /data/edgecache/pub/debian: { owner: nginx, group: nginx } /data/edgecache/pub/epel: { owner: nginx, group: nginx } @@ -50,6 +51,18 @@ profiles::edgecache::params::mirrors: proxy_cache_valid: - '200 302 1440h' - '404 1m' + centos_repodata: + ensure: present + location: '~* ^/centos/.*/repodata/' + proxy: http://gsl-syd.mm.fcix.net + centos_data: + ensure: present + location: /centos + proxy: http://gsl-syd.mm.fcix.net + proxy_cache: cache + proxy_cache_valid: + - '200 302 1440h' + - '404 1m' almalinux_repodata: ensure: present location: '~* ^/almalinux/.*/repodata/' From 5f9480f186e3b1dd9fc0fc5009fce40302483c81 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Sun, 19 May 2024 17:59:27 +1000 Subject: [PATCH 3/4] feat: direct yumrepo config - deep merge yumrepo resources - convert repos to direct yumrepo in hieradata - change from repos.main.unkin.net to edgecache.query.consul - create all yumrepo resources from $profiles::yum::global::repos --- hieradata/common.yaml | 3 ++ hieradata/os/AlmaLinux/all_releases.yaml | 49 +++++++++++++++++++++++ hieradata/roles/infra/ovirt/engine.yaml | 50 ++++++++++++++++++++++++ hieradata/roles/infra/ovirt/node.yaml | 50 ++++++++++++++++++++++++ site/profiles/manifests/yum/global.pp | 44 ++------------------- 5 files changed, 156 insertions(+), 40 deletions(-) diff --git a/hieradata/common.yaml b/hieradata/common.yaml index 096a830..bfbbd03 100644 --- a/hieradata/common.yaml +++ b/hieradata/common.yaml @@ -99,6 +99,9 @@ lookup_options: postgresql_config_entries: merge: strategy: deep + profiles::yum::global::repos: + merge: + strategy: deep facts_path: '/opt/puppetlabs/facter/facts.d' diff --git a/hieradata/os/AlmaLinux/all_releases.yaml b/hieradata/os/AlmaLinux/all_releases.yaml index 9edbf92..b0016ba 100644 --- a/hieradata/os/AlmaLinux/all_releases.yaml +++ b/hieradata/os/AlmaLinux/all_releases.yaml @@ -15,3 +15,52 @@ profiles::packages::install: - policycoreutils lm-sensors::package: lm_sensors + +profiles::yum::global::repos: + baseos: + name: baseos + descr: baseos repository + target: /etc/yum.repos.d/almalinux.repo + baseurl: https://edgecache.query.consul/almalinux/%{facts.os.release.full}/BaseOS/%{facts.os.architecture}/os + gpgkey: http://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-%{facts.os.release.major} + extras: + name: extras + descr: extras repository + target: /etc/yum.repos.d/almalinux.repo + baseurl: https://edgecache.query.consul/almalinux/%{facts.os.release.full}/extras/%{facts.os.architecture}/os + gpgkey: http://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-%{facts.os.release.major} + appstream: + name: appstream + descr: appstream repository + target: /etc/yum.repos.d/almalinux.repo + baseurl: https://edgecache.query.consul/almalinux/%{facts.os.release.full}/AppStream/%{facts.os.architecture}/os + gpgkey: http://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-%{facts.os.release.major} + powertools: + name: powertools + descr: powertools repository + target: /etc/yum.repos.d/almalinux.repo + baseurl: https://edgecache.query.consul/almalinux/%{facts.os.release.full}/PowerTools/%{facts.os.architecture}/os + gpgkey: http://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-%{facts.os.release.major} + highavailability: + name: highavailability + descr: highavailability repository + target: /etc/yum.repos.d/almalinux.repo + baseurl: https://edgecache.query.consul/almalinux/%{facts.os.release.full}/HighAvailability/%{facts.os.architecture}/os + gpgkey: http://edgecache.query.consul/almalinux/RPM-GPG-KEY-AlmaLinux-%{facts.os.release.major} + epel: + name: epel + descr: epel repository + target: /etc/yum.repos.d/epel.repo + baseurl: https://edgecache.query.consul/epel/%{facts.os.release.major}/Everything/%{facts.os.architecture} + gpgkey: http://edgecache.query.consul/epel/RPM-GPG-KEY-EPEL-%{facts.os.release.major} + puppet: + name: puppet + descr: puppet repository + target: /etc/yum.repos.d/puppet.repo + baseurl: https://yum.puppet.com/puppet7/el/%{facts.os.release.major}/%{facts.os.architecture} + gpgkey: https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406 + unkin: + name: unkin + descr: unkin repository + target: /etc/yum.repos.d/unkin.repo + baseurl: https://repos.main.unkin.net/unkin/%{facts.os.release.major}/%{facts.os.architecture}/os diff --git a/hieradata/roles/infra/ovirt/engine.yaml b/hieradata/roles/infra/ovirt/engine.yaml index 44c4baa..7abde8c 100644 --- a/hieradata/roles/infra/ovirt/engine.yaml +++ b/hieradata/roles/infra/ovirt/engine.yaml @@ -8,3 +8,53 @@ profiles::yum::global::managed_repos: - 'opstools-collectd-5' - 'storage-gluster-10' - 'virt-ovirt-45' + +profiles::yum::global::repos: + centos_8_advanced_virtualization: + name: 'virt-advanced-virtualization' + descr: 'CentOS Advanced Virtualization' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/virt/x86_64/advancedvirt-common + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Virtualization' + centos_8_ceph_pacific: + name: 'storage-ceph-pacific' + descr: 'CentOS Ceph Pacific' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/storage/x86_64/ceph-pacific + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Storage' + centos_8_rabbitmq_38: + name: 'messaging-rabbitmq-38' + descr: 'CentOS RabbitMQ 38' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/messaging/x86_64/rabbitmq-38 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Messaging' + centos_8_nfv_openvswitch: + name: 'nfv-openvswitch-2' + descr: 'CentOS NFV OpenvSwitch' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/nfv/x86_64/openvswitch-2 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-NFV' + centos_8_openstack_xena: + name: 'cloud-openstack-xena' + descr: 'CentOS OpenStack Xena' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/cloud/x86_64/openstack-xena + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Cloud' + centos_8_opstools: + name: 'opstools-collectd-5' + descr: 'CentOS OpsTools - collectd' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/opstools/x86_64/collectd-5 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-OpsTools' + centos_8_ovirt45: + name: 'virt-ovirt-45' + descr: 'CentOS oVirt 4.5' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/virt/x86_64/ovirt-45 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Virtualization' + centos_8_stream_gluster10: + name: 'storage-gluster-10' + descr: 'CentOS oVirt 4.5 - Glusterfs 10' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/storage/x86_64/gluster-10 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Storage' diff --git a/hieradata/roles/infra/ovirt/node.yaml b/hieradata/roles/infra/ovirt/node.yaml index 847efc6..da74b08 100644 --- a/hieradata/roles/infra/ovirt/node.yaml +++ b/hieradata/roles/infra/ovirt/node.yaml @@ -15,3 +15,53 @@ sudo::purge_ignore: - '50_vdsm' - '50_vdsm_hook_ovirt_provider_ovn_hook' - '60_ovirt-ha' + +profiles::yum::global::repos: + centos_8_advanced_virtualization: + name: 'virt-advanced-virtualization' + descr: 'CentOS Advanced Virtualization' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/virt/x86_64/advancedvirt-common + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Virtualization' + centos_8_ceph_pacific: + name: 'storage-ceph-pacific' + descr: 'CentOS Ceph Pacific' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/storage/x86_64/ceph-pacific + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Storage' + centos_8_rabbitmq_38: + name: 'messaging-rabbitmq-38' + descr: 'CentOS RabbitMQ 38' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/messaging/x86_64/rabbitmq-38 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Messaging' + centos_8_nfv_openvswitch: + name: 'nfv-openvswitch-2' + descr: 'CentOS NFV OpenvSwitch' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/nfv/x86_64/openvswitch-2 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-NFV' + centos_8_openstack_xena: + name: 'cloud-openstack-xena' + descr: 'CentOS OpenStack Xena' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/cloud/x86_64/openstack-xena + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Cloud' + centos_8_opstools: + name: 'opstools-collectd-5' + descr: 'CentOS OpsTools - collectd' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/opstools/x86_64/collectd-5 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-OpsTools' + centos_8_ovirt45: + name: 'virt-ovirt-45' + descr: 'CentOS oVirt 4.5' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/virt/x86_64/ovirt-45 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Virtualization' + centos_8_stream_gluster10: + name: 'storage-gluster-10' + descr: 'CentOS oVirt 4.5 - Glusterfs 10' + target: /etc/yum.repos.d/ovirt.repo + baseurl: https://edgecache.query.consul/centos/8-stream/storage/x86_64/gluster-10 + gpgkey: 'https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Storage' diff --git a/site/profiles/manifests/yum/global.pp b/site/profiles/manifests/yum/global.pp index 6aaf807..98a90d4 100644 --- a/site/profiles/manifests/yum/global.pp +++ b/site/profiles/manifests/yum/global.pp @@ -4,8 +4,8 @@ # base and EPEL yum repository profiles based on the content of the # $managed_repos parameter, which is an array of repository names. class profiles::yum::global ( - Array[String] $managed_repos, - Boolean $purge = true, + Hash $repos = {}, + Boolean $purge = true, ){ class { 'yum': keep_kernel_devel => true, @@ -19,44 +19,8 @@ class profiles::yum::global ( purge => $purge, } - # Generate the content for the .managed file - $managed_file_content = $managed_repos.map |$repo_name| { "${repo_name}.repo" }.join("\n") - - # Create the .managed file - file { '/etc/yum.repos.d/.managed': - ensure => file, - content => $managed_file_content, - } - - # Setup base repos - class { 'profiles::yum::base': - managed_repos => $managed_repos, - require => Class['profiles::pki::vaultca'], - } - - # Setup epel if included in managed_repos - class { 'profiles::yum::epel': - managed_repos => $managed_repos, - require => Class['profiles::pki::vaultca'], - } - - # Setup puppet7 if included in managed_repos - class { 'profiles::yum::puppet7': - managed_repos => $managed_repos, - require => Class['profiles::pki::vaultca'], - } - - # Setup unkin repo if included in managed_repos - class { 'profiles::yum::unkin': - managed_repos => $managed_repos, - require => Class['profiles::pki::vaultca'], - } - - # Setup ovirt repo if included in managed_repos - class { 'profiles::yum::ovirt': - managed_repos => $managed_repos, - require => Class['profiles::pki::vaultca'], - } + # create repos + create_resources('yumrepo', $repos) # makecache if changes made to repos exec {'dnf_makecache': From fd466fccccdbca925b2bfec2930705e3f8453596 Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Sun, 19 May 2024 19:20:50 +1000 Subject: [PATCH 4/4] feat: cleanup old repo management - change profiles::puppet::agent to require Yumrepo['puppet'] - remove managed repos hieradata - remove profiles::yum::* classes that are not required - remove missed rebase comment --- hieradata/os/AlmaLinux/AlmaLinux8.yaml | 9 ---- hieradata/os/AlmaLinux/AlmaLinux9.yaml | 6 --- hieradata/os/AlmaLinux/all_releases.yaml | 4 -- hieradata/roles/infra/ovirt/engine.yaml | 10 ---- hieradata/roles/infra/ovirt/node.yaml | 9 ---- site/profiles/manifests/puppet/agent.pp | 2 +- site/profiles/manifests/yum/base.pp | 66 ------------------------ site/profiles/manifests/yum/epel.pp | 25 --------- site/profiles/manifests/yum/global.pp | 4 -- site/profiles/manifests/yum/mariadb.pp | 25 --------- site/profiles/manifests/yum/ovirt.pp | 48 ----------------- site/profiles/manifests/yum/puppet7.pp | 21 -------- site/profiles/manifests/yum/unkin.pp | 23 --------- 13 files changed, 1 insertion(+), 251 deletions(-) delete mode 100644 site/profiles/manifests/yum/base.pp delete mode 100644 site/profiles/manifests/yum/epel.pp delete mode 100644 site/profiles/manifests/yum/mariadb.pp delete mode 100644 site/profiles/manifests/yum/ovirt.pp delete mode 100644 site/profiles/manifests/yum/puppet7.pp delete mode 100644 site/profiles/manifests/yum/unkin.pp diff --git a/hieradata/os/AlmaLinux/AlmaLinux8.yaml b/hieradata/os/AlmaLinux/AlmaLinux8.yaml index e0b4a27..7861fca 100644 --- a/hieradata/os/AlmaLinux/AlmaLinux8.yaml +++ b/hieradata/os/AlmaLinux/AlmaLinux8.yaml @@ -1,11 +1,2 @@ # hieradata/os/AlmaLinux/AlmaLinux8.yaml --- -profiles::yum::global::managed_repos: - - 'base' - - 'appstream' - - 'epel' - - 'powertools' - - 'highavailability' - - 'puppet7' - - 'yum.postgresql.org' - - 'unkin' diff --git a/hieradata/os/AlmaLinux/AlmaLinux9.yaml b/hieradata/os/AlmaLinux/AlmaLinux9.yaml index c6e95cc..03c8c55 100644 --- a/hieradata/os/AlmaLinux/AlmaLinux9.yaml +++ b/hieradata/os/AlmaLinux/AlmaLinux9.yaml @@ -1,8 +1,2 @@ # hieradata/os/AlmaLinux/AlmaLinux9.yaml --- -profiles::yum::global::managed_repos: - - 'base' - - 'appstream' - - 'epel' - - 'puppet7' - - 'yum.postgresql.org' diff --git a/hieradata/os/AlmaLinux/all_releases.yaml b/hieradata/os/AlmaLinux/all_releases.yaml index b0016ba..3665900 100644 --- a/hieradata/os/AlmaLinux/all_releases.yaml +++ b/hieradata/os/AlmaLinux/all_releases.yaml @@ -1,9 +1,5 @@ # hieradata/os/almalinux/all_releases.yaml --- -profiles::yum::base::baseurl: https://repos.main.unkin.net/almalinux -profiles::yum::epel::baseurl: https://repos.main.unkin.net/epel -profiles::yum::unkin::baseurl: https://repos.main.unkin.net/unkin -profiles::yum::ovirt::baseurl: https://repos.main.unkin.net/centos profiles::firewall::firewalld::ensure_package: 'absent' profiles::firewall::firewalld::ensure_service: 'stopped' profiles::firewall::firewalld::enable_service: false diff --git a/hieradata/roles/infra/ovirt/engine.yaml b/hieradata/roles/infra/ovirt/engine.yaml index 7abde8c..b2a934d 100644 --- a/hieradata/roles/infra/ovirt/engine.yaml +++ b/hieradata/roles/infra/ovirt/engine.yaml @@ -1,14 +1,4 @@ --- -profiles::yum::global::managed_repos: - - 'virt-advanced-virtualization' - - 'storage-ceph-pacific' - - 'cloud-openstack-xena' - - 'messaging-rabbitmq-38' - - 'nfv-openvswitch-2' - - 'opstools-collectd-5' - - 'storage-gluster-10' - - 'virt-ovirt-45' - profiles::yum::global::repos: centos_8_advanced_virtualization: name: 'virt-advanced-virtualization' diff --git a/hieradata/roles/infra/ovirt/node.yaml b/hieradata/roles/infra/ovirt/node.yaml index da74b08..762c1aa 100644 --- a/hieradata/roles/infra/ovirt/node.yaml +++ b/hieradata/roles/infra/ovirt/node.yaml @@ -1,15 +1,6 @@ --- profiles::firewall::firewalld::ensure_package: 'installed' profiles::firewall::firewalld::ensure_service: 'running' -profiles::yum::global::managed_repos: - - 'virt-advanced-virtualization' - - 'storage-ceph-pacific' - - 'cloud-openstack-xena' - - 'messaging-rabbitmq-38' - - 'nfv-openvswitch-2' - - 'opstools-collectd-5' - - 'storage-gluster-10' - - 'virt-ovirt-45' sudo::purge_ignore: - '50_vdsm' diff --git a/site/profiles/manifests/puppet/agent.pp b/site/profiles/manifests/puppet/agent.pp index c911f0d..76164c1 100644 --- a/site/profiles/manifests/puppet/agent.pp +++ b/site/profiles/manifests/puppet/agent.pp @@ -19,7 +19,7 @@ class profiles::puppet::agent ( # Ensure the puppet-agent package is installed and locked to a specific version package { 'puppet-agent': ensure => $puppet_version, - require => Class['profiles::yum::puppet7'], + require => Yumrepo['puppet'], } # versionlock puppet-agent diff --git a/site/profiles/manifests/yum/base.pp b/site/profiles/manifests/yum/base.pp deleted file mode 100644 index 47eb2b9..0000000 --- a/site/profiles/manifests/yum/base.pp +++ /dev/null @@ -1,66 +0,0 @@ -# Class: profiles::yum::base -# -# This class manages the 'base', extras' and 'appstream' yum -# repositories for a system, based on the provided list of managed repositories. -class profiles::yum::base ( - Array[String] $managed_repos, - String $baseurl, - Enum[ - 'daily', - 'weekly', - 'monthly' - ] $snapshot = 'daily', -) { - $release = $facts['os']['release']['full'] - $basearch = $facts['os']['architecture'] - - if 'base' in $managed_repos { - yumrepo { 'base': - name => 'base', - descr => 'base repository', - target => '/etc/yum.repos.d/base.repo', - baseurl => "${baseurl}/${release}/BaseOS-${snapshot}/${basearch}/os/", - gpgkey => "${baseurl}/${release}/BaseOS-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}", - } - } - - if 'extras' in $managed_repos { - yumrepo { 'extras': - name => 'extras', - descr => 'extras repository', - target => '/etc/yum.repos.d/extras.repo', - baseurl => "${baseurl}/${release}/extras-${snapshot}/${basearch}/os/", - gpgkey => "${baseurl}/${release}/extras-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}", - } - } - - if 'appstream' in $managed_repos { - yumrepo { 'appstream': - name => 'appstream', - descr => 'appstream repository', - target => '/etc/yum.repos.d/appstream.repo', - baseurl => "${baseurl}/${release}/AppStream-${snapshot}/${basearch}/os/", - gpgkey => "${baseurl}/${release}/AppStream-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}", - } - } - - if 'powertools' in $managed_repos { - yumrepo { 'powertools': - name => 'powertools', - descr => 'powertools repository', - target => '/etc/yum.repos.d/powertools.repo', - baseurl => "${baseurl}/${release}/PowerTools-${snapshot}/${basearch}/os/", - gpgkey => "${baseurl}/${release}/PowerTools-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}", - } - } - - if 'highavailability' in $managed_repos { - yumrepo { 'highavailability': - name => 'highavailability', - descr => 'highavailability repository', - target => '/etc/yum.repos.d/highavailability.repo', - baseurl => "${baseurl}/${release}/HighAvailability-${snapshot}/${basearch}/os/", - gpgkey => "${baseurl}/${release}/HighAvailability-${snapshot}/${basearch}/os/RPM-GPG-KEY-${facts['os']['name']}", - } - } -} diff --git a/site/profiles/manifests/yum/epel.pp b/site/profiles/manifests/yum/epel.pp deleted file mode 100644 index b6c9f43..0000000 --- a/site/profiles/manifests/yum/epel.pp +++ /dev/null @@ -1,25 +0,0 @@ -# Class: profiles::yum::epel -# -# This class manages the EPEL yum repository for the system. -class profiles::yum::epel ( - Array[String] $managed_repos, - String $baseurl, - Enum[ - 'daily', - 'weekly', - 'monthly' - ] $snapshot = 'daily', -) { - $release = $facts['os']['release']['major'] - $basearch = $facts['os']['architecture'] - - if 'epel' in $managed_repos { - yumrepo { 'epel': - name => 'epel', - descr => 'epel repository', - target => '/etc/yum.repos.d/epel.repo', - baseurl => "${baseurl}/${release}/Everything-${snapshot}/${basearch}/os/", - gpgkey => "${baseurl}/${release}/Everything-${snapshot}/${basearch}/os/RPM-GPG-KEY-EPEL-${release}", - } - } -} diff --git a/site/profiles/manifests/yum/global.pp b/site/profiles/manifests/yum/global.pp index 98a90d4..2f515ab 100644 --- a/site/profiles/manifests/yum/global.pp +++ b/site/profiles/manifests/yum/global.pp @@ -1,8 +1,4 @@ # Class: profiles::yum::global -# -# This class manages global YUM configurations and optionally includes the -# base and EPEL yum repository profiles based on the content of the -# $managed_repos parameter, which is an array of repository names. class profiles::yum::global ( Hash $repos = {}, Boolean $purge = true, diff --git a/site/profiles/manifests/yum/mariadb.pp b/site/profiles/manifests/yum/mariadb.pp deleted file mode 100644 index 3c6c4e6..0000000 --- a/site/profiles/manifests/yum/mariadb.pp +++ /dev/null @@ -1,25 +0,0 @@ -# Class: profiles::yum::mariadb -# -# This class manages the mariadb yum repository for the system. -# -class profiles::yum::mariadb ( - String $baseurl = 'https://repos.main.unkin.net', - String $version = '11.2', - Enum[ - 'daily', - 'weekly', - 'monthly' - ] $snapshot = 'daily', -) { - $release = $facts['os']['release']['major'] - $basearch = $facts['os']['architecture'] - - yumrepo { 'mariadb': - name => 'mariadb', - descr => 'mariadb repository', - target => '/etc/yum.repos.d/mariadb.repo', - baseurl => "${baseurl}/mariadb/${version}/el${release}-${snapshot}/${basearch}/os/", - gpgkey => "${baseurl}/mariadb/${version}/el${release}-${snapshot}/${basearch}/os/RPM-GPG-KEY-MariaDB", - require => Class['profiles::pki::vaultca'], - } -} diff --git a/site/profiles/manifests/yum/ovirt.pp b/site/profiles/manifests/yum/ovirt.pp deleted file mode 100644 index d04b145..0000000 --- a/site/profiles/manifests/yum/ovirt.pp +++ /dev/null @@ -1,48 +0,0 @@ -# Class: profiles::yum::ovirt -class profiles::yum::ovirt ( - Array[String] $managed_repos, - String $baseurl, - Enum[ - 'daily', - 'weekly', - 'monthly' - ] $snapshot = 'daily', -) { - $release = $facts['os']['release']['major'] - $basearch = $facts['os']['architecture'] - - $centos_nonstream = [ - 'virt-advanced-virtualization', - 'storage-ceph-pacific' - ] - $centos_stream = [ - 'cloud-openstack-xena', - 'messaging-rabbitmq-38', - 'nfv-openvswitch-2', - 'opstools-collectd-5', - 'storage-gluster-10', - 'virt-ovirt-45' - ] - $centos_nonstream.each |$name| { - if $name in $managed_repos { - yumrepo { $name: - name => $name, - descr => $name, - target => '/etc/yum.repos.d/ovirt.repo', - baseurl => "${baseurl}/${release}/${name}-20240311/${basearch}/os/", - gpgcheck => false, - } - } - } - $centos_stream.each |$name| { - if $name in $managed_repos { - yumrepo { $name: - name => $name, - descr => $name, - target => '/etc/yum.repos.d/ovirt.repo', - baseurl => "${baseurl}/${release}-stream/${name}-20240311/${basearch}/os/", - gpgcheck => false, - } - } - } -} diff --git a/site/profiles/manifests/yum/puppet7.pp b/site/profiles/manifests/yum/puppet7.pp deleted file mode 100644 index ffcbbf4..0000000 --- a/site/profiles/manifests/yum/puppet7.pp +++ /dev/null @@ -1,21 +0,0 @@ -# Class: profiles::yum::epel -# -# This class manages the puppet7 yum repository for the system. -class profiles::yum::puppet7 ( - Array[String] $managed_repos, - String $baseurl = 'http://repos.main.unkin.net/puppet7', -) { - $releasever = $facts['os']['release']['major'] - $basearch = $facts['os']['architecture'] - - if 'puppet7' in $managed_repos { - yumrepo { 'puppet7': - name => 'puppet7', - descr => 'puppet7 repository', - target => '/etc/yum.repos.d/puppet7.repo', - baseurl => "${baseurl}/el/${releasever}-daily/${basearch}/os/", - gpgkey => 'https://yum.puppet.com/RPM-GPG-KEY-puppet-20250406', - #gpgkey => "${baseurl}/el/${releasever}-daily/${basearch}/os/RPM-GPG-KEY-puppet", - } - } -} diff --git a/site/profiles/manifests/yum/unkin.pp b/site/profiles/manifests/yum/unkin.pp deleted file mode 100644 index be5be37..0000000 --- a/site/profiles/manifests/yum/unkin.pp +++ /dev/null @@ -1,23 +0,0 @@ -# Class: profiles::yum::unkin -class profiles::yum::unkin ( - Array[String] $managed_repos, - String $baseurl, - Enum[ - 'daily', - 'weekly', - 'monthly' - ] $snapshot = 'daily', -) { - $release = $facts['os']['release']['major'] - $basearch = $facts['os']['architecture'] - - if 'unkin' in $managed_repos { - yumrepo { 'unkin': - name => 'unkin', - descr => 'unkin repository', - target => '/etc/yum.repos.d/unkin.repo', - baseurl => "${baseurl}/${::facts['os']['release']['major']}/${basearch}/os/", - gpgcheck => false, - } - } -}