refacter: cleanup packages setup
This commit is contained in:
parent
73a21059f8
commit
12ff053c6d
@ -1,9 +1,15 @@
|
||||
---
|
||||
lookup_options:
|
||||
profiles::packages::base::add:
|
||||
profiles::packages::install:
|
||||
merge:
|
||||
strategy: deep
|
||||
profiles::packages::base::remove:
|
||||
profiles::packages::install_exclude:
|
||||
merge:
|
||||
strategy: deep
|
||||
profiles::packages::remove:
|
||||
merge:
|
||||
strategy: deep
|
||||
profiles::packages::remove_exclude:
|
||||
merge:
|
||||
strategy: deep
|
||||
|
||||
@ -22,13 +28,14 @@ profiles::base::puppet_servers:
|
||||
profiles::dns::master::basedir: '/var/named/sources'
|
||||
profiles::dns::base::ns_role: 'roles::infra::dns::resolver'
|
||||
|
||||
profiles::packages::base::add:
|
||||
profiles::packages::install:
|
||||
- bash-completion
|
||||
- bzip2
|
||||
- ccze
|
||||
- curl
|
||||
- dstat
|
||||
- gzip
|
||||
- git
|
||||
- htop
|
||||
- inotify-tools
|
||||
- iotop
|
||||
@ -57,7 +64,7 @@ profiles::packages::base::add:
|
||||
- zsh
|
||||
- zstd
|
||||
|
||||
profiles::packages::base::remove:
|
||||
profiles::packages::remove:
|
||||
- iwl100-firmware
|
||||
- iwl1000-firmware
|
||||
- iwl105-firmware
|
||||
|
||||
@ -1,4 +1,7 @@
|
||||
---
|
||||
profiles::packages::install:
|
||||
- policycoreutils
|
||||
|
||||
profiles::puppet::puppetdb::puppetdb_host: prodinf01n04.main.unkin.net
|
||||
profiles::puppet::puppetdb::postgres_host: prodinf01n05.main.unkin.net
|
||||
puppetdb::master::config::create_puppet_service_resource: false
|
||||
|
||||
@ -1,4 +1,7 @@
|
||||
---
|
||||
profiles::packages::install:
|
||||
- createrepo
|
||||
|
||||
profiles::reposync::repos_list:
|
||||
almalinux_8_9_baseos:
|
||||
repository: 'BaseOS'
|
||||
|
||||
@ -25,7 +25,7 @@ class profiles::base (
|
||||
}
|
||||
|
||||
# include the base profiles
|
||||
include profiles::packages::base
|
||||
include profiles::packages
|
||||
include profiles::base::facts
|
||||
include profiles::base::motd
|
||||
include profiles::base::scripts
|
||||
|
||||
23
site/profiles/manifests/packages.pp
Normal file
23
site/profiles/manifests/packages.pp
Normal file
@ -0,0 +1,23 @@
|
||||
# This class manages the installation of packages for the base profile
|
||||
#
|
||||
# Parameters:
|
||||
# - $install: An array of package names to be installed
|
||||
# - $remove: An array of package names to be removed
|
||||
#
|
||||
class profiles::packages (
|
||||
Array $install = [],
|
||||
Array $install_exclude = [],
|
||||
Array $remove = [],
|
||||
Array $remove_exclude = [],
|
||||
) {
|
||||
|
||||
# Filter out excluded packages
|
||||
$install_real = $install.filter |$item| { !$install_exclude.any |$exclude_item| { $exclude_item == $item } }
|
||||
$remove_real = $remove.filter |$item| { !$remove_exclude.any |$exclude_item| { $exclude_item == $item } }
|
||||
|
||||
# Ensure packages to install are installed
|
||||
ensure_packages($install_real, {'ensure' => 'present'})
|
||||
|
||||
# Ensure packages to remove are absent
|
||||
ensure_packages($remove_real, {'ensure' => 'absent'})
|
||||
}
|
||||
@ -1,21 +0,0 @@
|
||||
# This class manages the installation of packages for the base profile
|
||||
#
|
||||
# Parameters:
|
||||
# - $add: An array of package names to be installed
|
||||
# - $remove: An array of package names to be removed
|
||||
#
|
||||
class profiles::packages::base (
|
||||
Array $add = [],
|
||||
Array $remove = [],
|
||||
) {
|
||||
|
||||
# Ensure packages to add are installed
|
||||
ensure_packages($add, {'ensure' => 'present'})
|
||||
|
||||
# Ensure packages to remove are absent
|
||||
$remove.each |String $package| {
|
||||
package { $package:
|
||||
ensure => 'absent',
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,11 +0,0 @@
|
||||
# installs git related packages
|
||||
#
|
||||
class profiles::packages::git (
|
||||
Array[String] $packages = lookup('profiles::packages::git', Array, 'first', ['git']),
|
||||
) {
|
||||
$packages.each |String $package| {
|
||||
package { $package:
|
||||
ensure => installed,
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,11 +0,0 @@
|
||||
# installs reposync related packages
|
||||
#
|
||||
class profiles::packages::reposync (
|
||||
Array[String] $packages = lookup('profiles::packages::reposync', Array, 'first', ['createrepo']),
|
||||
) {
|
||||
$packages.each |String $package| {
|
||||
package { $package:
|
||||
ensure => installed,
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,11 +0,0 @@
|
||||
# installs selinux related packages
|
||||
#
|
||||
class profiles::packages::selinux (
|
||||
Array[String] $packages = lookup('profiles::packages::selinux', Array, 'first', ['policycoreutils']),
|
||||
) {
|
||||
$packages.each |String $package| {
|
||||
package { $package:
|
||||
ensure => installed,
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -39,8 +39,6 @@ class profiles::puppet::enc (
|
||||
Boolean $force = false,
|
||||
) {
|
||||
|
||||
include profiles::packages::git
|
||||
|
||||
vcsrepo { '/opt/puppetlabs/enc':
|
||||
ensure => latest,
|
||||
provider => git,
|
||||
|
||||
@ -36,9 +36,6 @@ class profiles::puppet::g10k (
|
||||
String $environments_path,
|
||||
String $default_environment,
|
||||
){
|
||||
package { 'unzip':
|
||||
ensure => installed,
|
||||
}
|
||||
|
||||
archive { '/tmp/g10k.zip':
|
||||
ensure => present,
|
||||
@ -47,6 +44,7 @@ class profiles::puppet::g10k (
|
||||
extract_path => '/opt/puppetlabs/bin',
|
||||
creates => '/opt/puppetlabs/bin/g10k',
|
||||
cleanup => true,
|
||||
require => Package['unzip']
|
||||
}
|
||||
|
||||
file { '/opt/puppetlabs/bin/puppet-g10k':
|
||||
|
||||
@ -37,8 +37,6 @@ class profiles::puppet::r10k (
|
||||
String $r10k_repo,
|
||||
){
|
||||
|
||||
include profiles::packages::git
|
||||
|
||||
vcsrepo { '/etc/puppetlabs/r10k':
|
||||
ensure => latest,
|
||||
provider => git,
|
||||
|
||||
@ -10,7 +10,7 @@ class profiles::reposync::autosyncer (
|
||||
group => 'root',
|
||||
mode => '0755',
|
||||
content => template('profiles/reposync/autosyncer.erb'),
|
||||
require => Class['profiles::packages::reposync'],
|
||||
require => Package['createrepo'],
|
||||
}
|
||||
|
||||
# daily autosyncr service/timer
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
# setup a reposync syncer
|
||||
class profiles::reposync::syncer {
|
||||
|
||||
include profiles::packages::reposync
|
||||
include profiles::reposync::autosyncer
|
||||
include profiles::reposync::autopromoter
|
||||
include profiles::reposync::webserver
|
||||
|
||||
@ -40,9 +40,6 @@ class profiles::reposync::webserver (
|
||||
|
||||
if $::facts['os']['selinux']['config_mode'] == 'enforcing' {
|
||||
|
||||
# include packages that are required
|
||||
include profiles::packages::selinux
|
||||
|
||||
# set httpd_sys_content_t to all files under the www_root
|
||||
selinux::fcontext { $www_root:
|
||||
ensure => 'present',
|
||||
|
||||
@ -7,8 +7,6 @@ class profiles::selinux::mysqld (
|
||||
Boolean $selinuxuser_mysql_connect_enabled = true,
|
||||
String $selinux_mode = 'enforcing',
|
||||
){
|
||||
# include packages that are required
|
||||
include profiles::packages::selinux
|
||||
|
||||
# setenforce
|
||||
class { 'profiles::selinux::setenforce':
|
||||
|
||||
@ -5,8 +5,6 @@ class profiles::selinux::nginx (
|
||||
Boolean $httpd_can_network_connect = true,
|
||||
String $selinux_mode = 'enforcing',
|
||||
){
|
||||
# include packages that are required
|
||||
include profiles::packages::selinux
|
||||
|
||||
# setenforce
|
||||
class { 'profiles::selinux::setenforce':
|
||||
|
||||
@ -3,7 +3,8 @@ class profiles::selinux::setenforce (
|
||||
Enum['enforcing', 'permissive', 'disabled'] $mode = 'enforcing',
|
||||
) {
|
||||
class { 'selinux':
|
||||
mode => $mode,
|
||||
mode => $mode,
|
||||
require => Package['policycoreutils']
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user