Merge branch 'develop' into neoloc/datavol
This commit is contained in:
@@ -0,0 +1,45 @@
|
||||
# a wrapper for puppetlabs-account and saz-sudo
|
||||
define profiles::base::account (
|
||||
String $username,
|
||||
Integer $uid,
|
||||
Integer $gid = undef,
|
||||
Boolean $manage_home = true,
|
||||
Boolean $create_group = true,
|
||||
Boolean $purge_sshkeys = true,
|
||||
Boolean $system = false,
|
||||
Boolean $locked = false,
|
||||
String $password = '!!',
|
||||
Boolean $ignore_pass = false,
|
||||
Array[String] $groups = [],
|
||||
Array[String] $sshkeys = [],
|
||||
Array[String] $sudo_rules = [],
|
||||
String $shell = '/usr/bin/bash',
|
||||
) {
|
||||
|
||||
# Set gid to uid if gid is undef
|
||||
$final_gid = $gid ? {
|
||||
undef => $uid,
|
||||
default => $gid,
|
||||
}
|
||||
|
||||
# Manage user
|
||||
accounts::user { $username:
|
||||
uid => $uid,
|
||||
gid => $final_gid,
|
||||
shell => $shell,
|
||||
groups => $groups,
|
||||
sshkeys => $sshkeys,
|
||||
system => $system,
|
||||
locked => $locked,
|
||||
password => $password,
|
||||
create_group => $create_group,
|
||||
managehome => $manage_home,
|
||||
purge_sshkeys => $purge_sshkeys,
|
||||
ignore_password_if_empty => $ignore_pass,
|
||||
}
|
||||
|
||||
# Manage sudo rules
|
||||
sudo::conf { "${username}_sudo":
|
||||
content => $sudo_rules,
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,29 @@
|
||||
# a class to define some global facts
|
||||
class profiles::base::facts {
|
||||
|
||||
# The path where external facts are stored
|
||||
$facts_d_path = '/opt/puppetlabs/facter/facts.d'
|
||||
|
||||
# Ensure the directory exists
|
||||
file { $facts_d_path:
|
||||
ensure => directory,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0755',
|
||||
}
|
||||
|
||||
# facts to create
|
||||
$fact_list = [ 'enc_role', 'enc_env' ]
|
||||
|
||||
# Manage the external fact file with content from the template
|
||||
$fact_list.each | String $item | {
|
||||
file { "${facts_d_path}/${item}.txt":
|
||||
ensure => file,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
content => template("profiles/base/facts/${item}.erb"),
|
||||
require => File[$facts_d_path],
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,30 @@
|
||||
# basic class to manage the /etc/hosts file from a template
|
||||
#
|
||||
# @param additional_hosts:
|
||||
# An array of hashes with ip/hostname/aliases
|
||||
# Aliases is an array in case there is a need for multiple aliases
|
||||
#
|
||||
# class { 'profiles::base::hosts':
|
||||
# additional_hosts => [
|
||||
# { 'ip' => '192.168.0.10', 'hostname' => 'server1.example.com', 'aliases' => ['server1'] },
|
||||
# { 'ip' => '192.168.0.11', 'hostname' => 'server2.example.com' },
|
||||
# # ... and so on
|
||||
# ],
|
||||
# }
|
||||
#
|
||||
class profiles::base::hosts (
|
||||
Array[Hash] $additional_hosts = []
|
||||
) {
|
||||
|
||||
$fqdn = $facts['networking']['fqdn']
|
||||
$hostname = $facts['networking']['hostname']
|
||||
|
||||
# Ensure the file exists and manage its content
|
||||
file { '/etc/hosts':
|
||||
ensure => file,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
content => template('profiles/base/hosts.erb'),
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,20 @@
|
||||
# set the motd
|
||||
class profiles::base::motd (
|
||||
String $enc_role = pick($facts['enc_role'], 'undefined'),
|
||||
String $enc_env = pick($facts['enc_env'], 'undefined'),
|
||||
String $fqdn = $facts['networking']['fqdn'],
|
||||
String $addr = $facts['networking']['ip'],
|
||||
String $nic = $facts['networking']['primary'],
|
||||
String $os_name = $facts['os']['name'],
|
||||
String $os_release = $facts['os']['release']['full'],
|
||||
) {
|
||||
|
||||
# Use the regsubst function to remove the 'roles::' prefix from the role name
|
||||
$clean_role = regsubst($enc_role, '^roles::', '')
|
||||
|
||||
# Manage the content of the /etc/motd file
|
||||
file { '/etc/motd':
|
||||
ensure => file,
|
||||
content => template('profiles/base/motd/motd.erb'),
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,26 @@
|
||||
# This class can be included directly in node definitions or other classes.
|
||||
# The preferred method for declaring the scripts is via Hiera.
|
||||
#
|
||||
# Here's an example Hiera configuration:
|
||||
#
|
||||
# profiles::base::scripts::scripts:
|
||||
# script1: script1
|
||||
# script2: script2
|
||||
#
|
||||
# This would deploy 'script1' and 'script2' to /usr/local/bin using their
|
||||
# respective ERB templates in the profiles/base/scripts directory.
|
||||
#
|
||||
class profiles::base::scripts (
|
||||
Hash $scripts = {},
|
||||
) {
|
||||
$scripts.each |$script_name, $template_name| {
|
||||
file { "/usr/local/bin/${script_name}":
|
||||
ensure => file,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0755',
|
||||
content => template("profiles/base/scripts/${template_name}.erb"),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user