Merge branch 'develop' into neoloc/datavol

2023-11-05 17:40:19 +11:00
40 changed files with 706 additions and 40 deletions
+45
@@ -0,0 +1,45 @@
# a wrapper for puppetlabs-account and saz-sudo
define profiles::base::account (
String $username,
Integer $uid,
Integer $gid = undef,
Boolean $manage_home = true,
Boolean $create_group = true,
Boolean $purge_sshkeys = true,
Boolean $system = false,
Boolean $locked = false,
String $password = '!!',
Boolean $ignore_pass = false,
Array[String] $groups = [],
Array[String] $sshkeys = [],
Array[String] $sudo_rules = [],
String $shell = '/usr/bin/bash',
) {
# Set gid to uid if gid is undef
$final_gid = $gid ? {
undef => $uid,
default => $gid,
}
# Manage user
accounts::user { $username:
uid => $uid,
gid => $final_gid,
shell => $shell,
groups => $groups,
sshkeys => $sshkeys,
system => $system,
locked => $locked,
password => $password,
create_group => $create_group,
managehome => $manage_home,
purge_sshkeys => $purge_sshkeys,
ignore_password_if_empty => $ignore_pass,
}
# Manage sudo rules
sudo::conf { "${username}_sudo":
content => $sudo_rules,
}
}
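Review bot: `Integer $gid = undef` cannot accept its own default, because the Integer type rejects undef; declaring the define without `gid` should fail type checking before the `$final_gid` selector that falls back to `$uid` is ever evaluated. Declare the parameter as `Optional[Integer] $gid = undef`. Separately, `sudo::conf { "${username}_sudo": }` is declared for every account, including those that leave `$sudo_rules` at its empty default. Wrapping it in `unless $sudo_rules.empty { … }` would keep accounts with no rules from receiving a sudoers drop-in at all.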
+29
@@ -0,0 +1,29 @@
# a class to define some global facts
class profiles::base::facts {
# The path where external facts are stored
$facts_d_path = '/opt/puppetlabs/facter/facts.d'
# Ensure the directory exists
file { $facts_d_path:
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755',
}
# facts to create
$fact_list = [ 'enc_role', 'enc_env' ]
# Manage the external fact file with content from the template
$fact_list.each | String $item | {
file { "${facts_d_path}/${item}.txt":
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template("profiles/base/facts/${item}.erb"),
require => File[$facts_d_path],
}
}
}
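Review bot: The class comment does not say why the ownership and modes matter, and a later edit could loosen them without noticing. Facter runs executable files found in facts.d, and the agent normally runs as root, so this directory and its files must stay root-owned and the `.txt` facts non-executable. I would add a comment above the `file { $facts_d_path:` resource such as `# facts.d is read (and executables in it are run) by Facter as root: keep root:root, dir 0755, facts 0644`. The ERB templates are not part of this section, so whether they emit the `key=value` lines that `.txt` external facts require should be confirmed there.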
+30
@@ -0,0 +1,30 @@
# basic class to manage the /etc/hosts file from a template
#
# @param additional_hosts:
# An array of hashes with ip/hostname/aliases
# Aliases is an array in case there is a need for multiple aliases
#
# class { 'profiles::base::hosts':
# additional_hosts => [
# { 'ip' => '192.168.0.10', 'hostname' => 'server1.example.com', 'aliases' => ['server1'] },
# { 'ip' => '192.168.0.11', 'hostname' => 'server2.example.com' },
# # ... and so on
# ],
# }
#
class profiles::base::hosts (
Array[Hash] $additional_hosts = []
) {
$fqdn = $facts['networking']['fqdn']
$hostname = $facts['networking']['hostname']
# Ensure the file exists and manage its content
file { '/etc/hosts':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => template('profiles/base/hosts.erb'),
}
}
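Review bot: `Array[Hash] $additional_hosts` accepts any keys and any values, so a Hiera entry with a typo or an embedded newline is written into `/etc/hosts` as-is by the template, and name resolution on the node then follows it. The documented shape can be enforced in the signature, e.g. `Array[Struct[{'ip' => Stdlib::IP::Address, 'hostname' => Stdlib::Fqdn, Optional['aliases'] => Array[Stdlib::Host]}]] $additional_hosts = []`. The stdlib types are presumably available, since `pick()` is used elsewhere in this commit. `hosts.erb` is not shown here, so how it handles a missing `aliases` key should be checked against whichever type is chosen.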
+20
@@ -0,0 +1,20 @@
# set the motd
class profiles::base::motd (
String $enc_role = pick($facts['enc_role'], 'undefined'),
String $enc_env = pick($facts['enc_env'], 'undefined'),
String $fqdn = $facts['networking']['fqdn'],
String $addr = $facts['networking']['ip'],
String $nic = $facts['networking']['primary'],
String $os_name = $facts['os']['name'],
String $os_release = $facts['os']['release']['full'],
) {
# Use the regsubst function to remove the 'roles::' prefix from the role name
$clean_role = regsubst($enc_role, '^roles::', '')
# Manage the content of the /etc/motd file
file { '/etc/motd':
ensure => file,
content => template('profiles/base/motd/motd.erb'),
}
}
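Review bot: The `file { '/etc/motd':` resource manages only `ensure` and `content`, unlike the other file resources in this commit, so Puppet will not correct the owner or mode of an existing `/etc/motd`. Add `owner => 'root',`, `group => 'root',` and `mode => '0644',` so the file cannot remain writable by anyone other than root. A smaller point: in `regsubst($enc_role, '^roles::', '')` the `^` anchor matches at the start of any line, and `'\Aroles::'` would anchor to the start of the string.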
+26
@@ -0,0 +1,26 @@
# This class can be included directly in node definitions or other classes.
# The preferred method for declaring the scripts is via Hiera.
#
# Here's an example Hiera configuration:
#
# profiles::base::scripts::scripts:
# script1: script1
# script2: script2
#
# This would deploy 'script1' and 'script2' to /usr/local/bin using their
# respective ERB templates in the profiles/base/scripts directory.
#
class profiles::base::scripts (
Hash $scripts = {},
) {
$scripts.each |$script_name, $template_name| {
file { "/usr/local/bin/${script_name}":
ensure => file,
owner => 'root',
group => 'root',
mode => '0755',
content => template("profiles/base/scripts/${template_name}.erb"),
}
}
}
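Review bot: `Hash $scripts` places no constraint on the keys or values that are interpolated into `"/usr/local/bin/${script_name}"` and `"profiles/base/scripts/${template_name}.erb"`. A Hiera entry containing `/` or `..` would therefore let this class write a root-owned 0755 file outside `/usr/local/bin`, or render a template from outside the scripts directory. Restricting both sides to plain file names in the signature closes that off, for example `Hash[Pattern[/\A[A-Za-z0-9_-][A-Za-z0-9._-]*\z/], Pattern[/\A[A-Za-z0-9_-][A-Za-z0-9._-]*\z/]] $scripts = {},`. The header comment should state the same restriction next to the Hiera example.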