diff --git a/hieradata/country/au/region/syd1.yaml b/hieradata/country/au/region/syd1.yaml index 2d28c82..7ecae91 100644 --- a/hieradata/country/au/region/syd1.yaml +++ b/hieradata/country/au/region/syd1.yaml @@ -1,6 +1,6 @@ --- timezone::timezone: 'Australia/Sydney' -certbot::client::webserver: ausyd1nxvm1021.main.unkin.net +certbot::client::webserver: ausyd1nxvm2057.main.unkin.net profiles_dns_upstream_forwarder_unkin: - 198.18.19.15 profiles_dns_upstream_forwarder_consul: diff --git a/hieradata/nodes/ausyd1nxvm1002.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1002.main.unkin.net.yaml deleted file mode 100644 index df3aa6c..0000000 --- a/hieradata/nodes/ausyd1nxvm1002.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.12 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1003.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1003.main.unkin.net.yaml deleted file mode 100644 index 3742c94..0000000 --- a/hieradata/nodes/ausyd1nxvm1003.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.13 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1004.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1004.main.unkin.net.yaml deleted file mode 100644 index 07b1320..0000000 --- a/hieradata/nodes/ausyd1nxvm1004.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.14 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1005.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1005.main.unkin.net.yaml deleted file mode 100644 index 637f41a..0000000 --- a/hieradata/nodes/ausyd1nxvm1005.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.15 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1006.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1006.main.unkin.net.yaml deleted file mode 100644 index b3ad9ef..0000000 --- a/hieradata/nodes/ausyd1nxvm1006.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.16 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1007.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1007.main.unkin.net.yaml deleted file mode 100644 index d13378d..0000000 --- a/hieradata/nodes/ausyd1nxvm1007.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.17 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1009.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1009.main.unkin.net.yaml deleted file mode 100644 index 5714209..0000000 --- a/hieradata/nodes/ausyd1nxvm1009.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.19 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1010.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1010.main.unkin.net.yaml deleted file mode 100644 index 85030a0..0000000 --- a/hieradata/nodes/ausyd1nxvm1010.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.20 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1011.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1011.main.unkin.net.yaml deleted file mode 100644 index 1e4bd69..0000000 --- a/hieradata/nodes/ausyd1nxvm1011.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.21 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1012.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1012.main.unkin.net.yaml deleted file mode 100644 index fe067ca..0000000 --- a/hieradata/nodes/ausyd1nxvm1012.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.22 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1013.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1013.main.unkin.net.yaml deleted file mode 100644 index b7faf2d..0000000 --- a/hieradata/nodes/ausyd1nxvm1013.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.23 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1014.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1014.main.unkin.net.yaml deleted file mode 100644 index 6eb0c2d..0000000 --- a/hieradata/nodes/ausyd1nxvm1014.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.24 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1019.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1019.main.unkin.net.yaml deleted file mode 100644 index f34d534..0000000 --- a/hieradata/nodes/ausyd1nxvm1019.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.29 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1020.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1020.main.unkin.net.yaml deleted file mode 100644 index 1171c3a..0000000 --- a/hieradata/nodes/ausyd1nxvm1020.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.30 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1034.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1034.main.unkin.net.yaml deleted file mode 100644 index 4749523..0000000 --- a/hieradata/nodes/ausyd1nxvm1034.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.44 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1035.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1035.main.unkin.net.yaml deleted file mode 100644 index d3e7eca..0000000 --- a/hieradata/nodes/ausyd1nxvm1035.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.45 -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1037.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1037.main.unkin.net.yaml deleted file mode 100644 index c8099e0..0000000 --- a/hieradata/nodes/ausyd1nxvm1037.main.unkin.net.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.47 - ens19: - ensure: present - family: inet - method: static - ipaddress: 10.18.15.47 - netmask: 255.255.255.0 - onboot: true -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1040.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1040.main.unkin.net.yaml deleted file mode 100644 index 30a6d4a..0000000 --- a/hieradata/nodes/ausyd1nxvm1040.main.unkin.net.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.50 - ens19: - ensure: present - family: inet - method: static - ipaddress: 10.18.15.50 - netmask: 255.255.255.0 - onboot: true -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1041.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1041.main.unkin.net.yaml deleted file mode 100644 index fd1f0bc..0000000 --- a/hieradata/nodes/ausyd1nxvm1041.main.unkin.net.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.51 - ens19: - ensure: present - family: inet - method: static - ipaddress: 10.18.15.51 - netmask: 255.255.255.0 - onboot: true -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1042.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1042.main.unkin.net.yaml deleted file mode 100644 index a45bea3..0000000 --- a/hieradata/nodes/ausyd1nxvm1042.main.unkin.net.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.52 - ens19: - ensure: present - family: inet - method: static - ipaddress: 10.18.15.52 - netmask: 255.255.255.0 - onboot: true -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1043.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1043.main.unkin.net.yaml deleted file mode 100644 index 3915551..0000000 --- a/hieradata/nodes/ausyd1nxvm1043.main.unkin.net.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.53 - ens19: - ensure: present - family: inet - method: static - ipaddress: 10.18.15.53 - netmask: 255.255.255.0 - onboot: true -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1044.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1044.main.unkin.net.yaml deleted file mode 100644 index a09e04c..0000000 --- a/hieradata/nodes/ausyd1nxvm1044.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.54 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1045.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1045.main.unkin.net.yaml deleted file mode 100644 index a2b4056..0000000 --- a/hieradata/nodes/ausyd1nxvm1045.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.55 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1046.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1046.main.unkin.net.yaml deleted file mode 100644 index 1e26bb3..0000000 --- a/hieradata/nodes/ausyd1nxvm1046.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.56 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1048.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1048.main.unkin.net.yaml deleted file mode 100644 index 4ce9767..0000000 --- a/hieradata/nodes/ausyd1nxvm1048.main.unkin.net.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.58 - ens19: - ensure: present - family: inet - method: static - ipaddress: 10.18.15.58 - netmask: 255.255.255.0 - onboot: true -networking::routes: - default: - gateway: 198.18.13.254 diff --git a/hieradata/nodes/ausyd1nxvm1050.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1050.main.unkin.net.yaml deleted file mode 100644 index 43704f3..0000000 --- a/hieradata/nodes/ausyd1nxvm1050.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.60 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1051.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1051.main.unkin.net.yaml deleted file mode 100644 index 52cbdb5..0000000 --- a/hieradata/nodes/ausyd1nxvm1051.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.61 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1055.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1055.main.unkin.net.yaml deleted file mode 100644 index de9bfa4..0000000 --- a/hieradata/nodes/ausyd1nxvm1055.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.65 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1056.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1056.main.unkin.net.yaml deleted file mode 100644 index e2b04f2..0000000 --- a/hieradata/nodes/ausyd1nxvm1056.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.66 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1061.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1061.main.unkin.net.yaml deleted file mode 100644 index 84def09..0000000 --- a/hieradata/nodes/ausyd1nxvm1061.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.71 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1062.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1062.main.unkin.net.yaml deleted file mode 100644 index dac6fd5..0000000 --- a/hieradata/nodes/ausyd1nxvm1062.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.72 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1063.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1063.main.unkin.net.yaml deleted file mode 100644 index 9883536..0000000 --- a/hieradata/nodes/ausyd1nxvm1063.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.73 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1070.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1070.main.unkin.net.yaml deleted file mode 100644 index 4983f52..0000000 --- a/hieradata/nodes/ausyd1nxvm1070.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.80 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/ausyd1nxvm1071.main.unkin.net.yaml b/hieradata/nodes/ausyd1nxvm1071.main.unkin.net.yaml deleted file mode 100644 index 0dffb7a..0000000 --- a/hieradata/nodes/ausyd1nxvm1071.main.unkin.net.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -networking::interfaces: - eth0: - ipaddress: 198.18.13.81 -networking::routes: - default: - gateway: 198.18.13.254 \ No newline at end of file diff --git a/hieradata/nodes/prodinf01n01.main.unkin.net.yaml b/hieradata/nodes/prodinf01n01.main.unkin.net.yaml deleted file mode 100644 index d3fd91b..0000000 --- a/hieradata/nodes/prodinf01n01.main.unkin.net.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -profiles::puppet::server::dns_alt_names: - - puppetca.main.unkin.net - - puppetca.service.consul - - puppetca.query.consul - - puppetca - -profiles::puppet::puppetca::is_puppetca: false -profiles::puppet::puppetca::allow_subject_alt_names: true - -hiera_exclude: - - networking diff --git a/hieradata/roles/infra/puppet/master.yaml b/hieradata/roles/infra/puppet/master.yaml index ea51ac8..3f7e584 100644 --- a/hieradata/roles/infra/puppet/master.yaml +++ b/hieradata/roles/infra/puppet/master.yaml @@ -27,7 +27,7 @@ profiles::puppet::cobbler_enc::packages: - 'PyYAML' profiles::puppet::enc::repo: https://git.service.au-syd1.consul/unkinben/puppet-enc.git profiles::puppet::r10k::r10k_repo: https://git.service.au-syd1.consul/unkin/puppet-r10k.git -profiles::puppet::g10k::bin_path: '/opt/puppetlabs/bin/g10k' +profiles::puppet::g10k::bin_path: '/usr/bin/g10k' profiles::puppet::g10k::cfg_path: '/etc/puppetlabs/r10k/r10k.yaml' profiles::puppet::g10k::environments_path: '/etc/puppetlabs/code/environments' profiles::puppet::g10k::default_environment: 'develop' diff --git a/hieradata/roles/infra/reposync/repo.yaml b/hieradata/roles/infra/reposync/repo.yaml new file mode 100644 index 0000000..54da750 --- /dev/null +++ b/hieradata/roles/infra/reposync/repo.yaml @@ -0,0 +1,41 @@ +--- +hiera_include: + - profiles::reposync::webserver + +profiles::ssh::sign::principals: + - packagerepo.service.consul + - packagerepo.query.consul + - "packagerepo.service.%{facts.country}-%{facts.region}.consul" + +# additional altnames +profiles::pki::vault::alt_names: + - packagerepo.main.unkin.net + - packagerepo.service.consul + - packagerepo.query.consul + - "packagerepo.service.%{facts.country}-%{facts.region}.consul" + +# configure consul service +consul::services: + jupyterhub: + service_name: 'packagerepo' + tags: + - 'packagerepo' + address: "%{facts.networking.ip}" + port: 443 + checks: + - id: 'packagerepo_http_check' + name: 'packagerepo HTTP Check' + http: "https://%{facts.networking.fqdn}" + method: 'GET' + tls_skip_verify: true + interval: '10s' + timeout: '1s' +profiles::consul::client::node_rules: + - resource: service + segment: packagerepo + disposition: write + +profiles::reposync::webserver::nginx_listen_mode: both +profiles::reposync::webserver::nginx_cert_type: vault +profiles::reposync::webserver::www_root: /shared/apps/packagerepo/snap +profiles::reposync::webserver::cache_root: /data/repos/cache diff --git a/hieradata/roles/infra/reposync/syncer.yaml b/hieradata/roles/infra/reposync/syncer.yaml index 6cc76a4..a0ef558 100644 --- a/hieradata/roles/infra/reposync/syncer.yaml +++ b/hieradata/roles/infra/reposync/syncer.yaml @@ -2,41 +2,6 @@ profiles::packages::include: createrepo: {} -profiles::ssh::sign::principals: - - packagerepo.service.consul - - packagerepo.query.consul - - "packagerepo.service.%{facts.country}-%{facts.region}.consul" - -# additional altnames -profiles::pki::vault::alt_names: - - packagerepo.main.unkin.net - - packagerepo.service.consul - - packagerepo.query.consul - - "packagerepo.service.%{facts.country}-%{facts.region}.consul" - -# configure consul service -consul::services: - jupyterhub: - service_name: 'packagerepo' - tags: - - 'packagerepo' - address: "%{facts.networking.ip}" - port: 443 - checks: - - id: 'packagerepo_http_check' - name: 'packagerepo HTTP Check' - http: "https://%{facts.networking.fqdn}" - method: 'GET' - tls_skip_verify: true - interval: '10s' - timeout: '1s' -profiles::consul::client::node_rules: - - resource: service - segment: packagerepo - disposition: write - -profiles::reposync::webserver::nginx_listen_mode: both -profiles::reposync::webserver::nginx_cert_type: vault profiles::reposync::repos_list: almalinux_9.6_baseos: repository: 'baseos' diff --git a/site/profiles/manifests/puppet/g10k.pp b/site/profiles/manifests/puppet/g10k.pp index 3a2af5e..da82166 100644 --- a/site/profiles/manifests/puppet/g10k.pp +++ b/site/profiles/manifests/puppet/g10k.pp @@ -1,25 +1,14 @@ # Class: profiles::puppet::g10k # -# This class handles downloading and installation of the g10k tool, a fast -# Git and Forge based Puppet environment and module deployment tool. -# The latest release of g10k is downloaded from GitHub and placed into '/opt/puppetlabs/bin'. -# Additionally, it creates a helper script to easily run g10k with the appropriate configuration. -# It also creates a systemd service and timer that runs the g10k script every minute. class profiles::puppet::g10k ( - String $bin_path, - String $cfg_path, - String $environments_path, - String $default_environment, + Stdlib::Absolutepath $bin_path = '/usr/bin/g10k', + Stdlib::Absolutepath $cfg_path = '/etc/puppetlabs/r10k/r10k.yaml', + Stdlib::Absolutepath $environments_path = '/etc/puppetlabs/code/environments', + String $default_environment = 'develop', ){ - archive { '/tmp/g10k.zip': - ensure => present, - source => 'https://github.com/xorpaul/g10k/releases/latest/download/g10k-linux-amd64.zip', - extract => true, - extract_path => '/opt/puppetlabs/bin', - creates => '/opt/puppetlabs/bin/g10k', - cleanup => true, - require => Package['unzip'] + package {'g10k': + ensure => 'latest', } file { '/opt/puppetlabs/bin/puppet-g10k': @@ -28,7 +17,7 @@ class profiles::puppet::g10k ( group => 'root', mode => '0755', content => template('profiles/puppet/g10k/puppet-g10k.erb'), - require => Archive['/tmp/g10k.zip'], + require => Package['g10k'], } $_timer = @(EOT) diff --git a/site/profiles/manifests/reposync/autosyncer.pp b/site/profiles/manifests/reposync/autosyncer.pp index 5271ec2..3c37f6f 100644 --- a/site/profiles/manifests/reposync/autosyncer.pp +++ b/site/profiles/manifests/reposync/autosyncer.pp @@ -1,6 +1,6 @@ # setup the autosyncer class profiles::reposync::autosyncer ( - Stdlib::Absolutepath $basepath = '/data/repos', + Stdlib::Absolutepath $basepath = '/shared/apps/packagerepo', ) { # Ensure the autosyncer script is present and executable diff --git a/site/profiles/manifests/reposync/repos.pp b/site/profiles/manifests/reposync/repos.pp index 0be17f7..c8a9983 100644 --- a/site/profiles/manifests/reposync/repos.pp +++ b/site/profiles/manifests/reposync/repos.pp @@ -8,7 +8,7 @@ define profiles::reposync::repos ( String $arch = 'x86_64', String $repo_owner = 'root', String $repo_group = 'root', - Stdlib::Absolutepath $basepath = '/data/repos', + Stdlib::Absolutepath $basepath = '/shared/apps/packagerepo', Optional[Stdlib::HTTPUrl] $baseurl = undef, Optional[Stdlib::HTTPUrl] $mirrorlist = undef, ){ diff --git a/site/profiles/manifests/reposync/syncer.pp b/site/profiles/manifests/reposync/syncer.pp index 3be81d8..08a4777 100644 --- a/site/profiles/manifests/reposync/syncer.pp +++ b/site/profiles/manifests/reposync/syncer.pp @@ -3,7 +3,6 @@ class profiles::reposync::syncer { include profiles::reposync::autosyncer include profiles::reposync::autopromoter - include profiles::reposync::webserver # Ensure the reposync config path exists file { '/etc/reposync': diff --git a/site/profiles/manifests/reposync/webserver.pp b/site/profiles/manifests/reposync/webserver.pp index ec18978..40b752f 100644 --- a/site/profiles/manifests/reposync/webserver.pp +++ b/site/profiles/manifests/reposync/webserver.pp @@ -92,6 +92,10 @@ class profiles::reposync::webserver ( proxy_cache_max_size => '30000m', proxy_cache_inactive => '60d', proxy_temp_path => "${cache_root}/tmp", + require => [ + Mkdir::P[$cache_root], + Mkdir::P[$www_root] + ] } # create the nginx vhost with the merged parameters @@ -131,15 +135,6 @@ class profiles::reposync::webserver ( } } - # export cnames for webserver - profiles::dns::record { "${::facts['networking']['fqdn']}_repos.main.unkin.net_CNAME": - value => $::facts['networking']['hostname'], - type => 'CNAME', - record => 'repos.main.unkin.net.', - zone => $::facts['networking']['domain'], - order => 10, - } - if $::facts['os']['selinux']['config_mode'] == 'enforcing' { # set httpd_sys_content_t to all files under the www_root diff --git a/site/profiles/templates/reposync/autosyncer.erb b/site/profiles/templates/reposync/autosyncer.erb index 0cc2551..0966bec 100644 --- a/site/profiles/templates/reposync/autosyncer.erb +++ b/site/profiles/templates/reposync/autosyncer.erb @@ -29,6 +29,9 @@ download_gpg_key() { curl -s --create-dirs -o "${basepath}/live/${reponame}/${filename}" "$gpgkeyurl" || { echo "Failed to download GPG key from $gpgkeyurl" } + + # import the gpg key + rpm --import "${basepath}/live/${reponame}/${filename}" || echo "Failed to import gpg key ${basepath}/live/${reponame}/${filename}" } # Function to perform rsync with hard links diff --git a/site/roles/manifests/infra/reposync/repo.pp b/site/roles/manifests/infra/reposync/repo.pp new file mode 100644 index 0000000..26fb26c --- /dev/null +++ b/site/roles/manifests/infra/reposync/repo.pp @@ -0,0 +1,11 @@ +# a role to deploy the webserver for packagerepo +class roles::infra::reposync::repo { + if $facts['firstrun'] { + include profiles::defaults + include profiles::firstrun::init + }else{ + include profiles::defaults + include profiles::base + include profiles::base::datavol + } +} diff --git a/site/roles/manifests/infra/reposync/syncer.pp b/site/roles/manifests/infra/reposync/syncer.pp index 9c41fe3..4b5bb00 100644 --- a/site/roles/manifests/infra/reposync/syncer.pp +++ b/site/roles/manifests/infra/reposync/syncer.pp @@ -1,4 +1,4 @@ -# a role to deploy a packagerepo +# a role to deploy the syncer/promoter for packagerepo class roles::infra::reposync::syncer { if $facts['firstrun'] { include profiles::defaults