Merge branch 'develop' into neoloc/dns_master_multiregion
This commit is contained in:
commit
99d3dcf4d8
@ -46,6 +46,7 @@ hiera_classes:
|
|||||||
- timezone
|
- timezone
|
||||||
|
|
||||||
profiles::ntp::client::ntp_role: 'roles::infra::ntp::server'
|
profiles::ntp::client::ntp_role: 'roles::infra::ntp::server'
|
||||||
|
profiles::ntp::client::use_ntp: 'region'
|
||||||
profiles::ntp::client::peers:
|
profiles::ntp::client::peers:
|
||||||
- 0.pool.ntp.org
|
- 0.pool.ntp.org
|
||||||
- 1.pool.ntp.org
|
- 1.pool.ntp.org
|
||||||
|
|||||||
@ -6,20 +6,6 @@ class profiles::base (
|
|||||||
# install the vault ca first
|
# install the vault ca first
|
||||||
include profiles::pki::vaultca
|
include profiles::pki::vaultca
|
||||||
|
|
||||||
# manage package repositories
|
|
||||||
case $facts['os']['family'] {
|
|
||||||
'RedHat': {
|
|
||||||
include profiles::yum::global
|
|
||||||
include profiles::firewall::firewalld
|
|
||||||
}
|
|
||||||
'Debian': {
|
|
||||||
include profiles::apt::global
|
|
||||||
}
|
|
||||||
default: {
|
|
||||||
fail("Unsupported OS family ${facts['os']['family']}")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# manage the puppet agent
|
# manage the puppet agent
|
||||||
include profiles::puppet::agent
|
include profiles::puppet::agent
|
||||||
|
|
||||||
@ -29,6 +15,7 @@ class profiles::base (
|
|||||||
}
|
}
|
||||||
|
|
||||||
# include the base profiles
|
# include the base profiles
|
||||||
|
include profiles::base::repos
|
||||||
include profiles::packages
|
include profiles::packages
|
||||||
include profiles::base::facts
|
include profiles::base::facts
|
||||||
include profiles::base::motd
|
include profiles::base::motd
|
||||||
@ -63,4 +50,10 @@ class profiles::base (
|
|||||||
|
|
||||||
# include classes from hiera
|
# include classes from hiera
|
||||||
lookup('hiera_classes', Array[String], 'unique').include
|
lookup('hiera_classes', Array[String], 'unique').include
|
||||||
|
|
||||||
|
# specifc ordering constraints
|
||||||
|
Class['profiles::pki::vaultca']
|
||||||
|
-> Class['profiles::base::repos']
|
||||||
|
-> Class['profiles::packages']
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
16
site/profiles/manifests/base/repos.pp
Normal file
16
site/profiles/manifests/base/repos.pp
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
# profiles::base::repos
|
||||||
|
class profiles::base::repos {
|
||||||
|
# manage package repositories
|
||||||
|
case $facts['os']['family'] {
|
||||||
|
'RedHat': {
|
||||||
|
include profiles::yum::global
|
||||||
|
include profiles::firewall::firewalld
|
||||||
|
}
|
||||||
|
'Debian': {
|
||||||
|
include profiles::apt::global
|
||||||
|
}
|
||||||
|
default: {
|
||||||
|
fail("Unsupported OS family ${facts['os']['family']}")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -32,8 +32,8 @@ class profiles::dns::base (
|
|||||||
|
|
||||||
# include resolvconf class
|
# include resolvconf class
|
||||||
class { 'profiles::dns::resolvconf':
|
class { 'profiles::dns::resolvconf':
|
||||||
nameservers => $nameserver_array,
|
nameservers => sort($nameserver_array),
|
||||||
search_domains => $search_array,
|
search_domains => sort($search_array),
|
||||||
}
|
}
|
||||||
|
|
||||||
# export dns records for client
|
# export dns records for client
|
||||||
|
|||||||
@ -11,6 +11,11 @@ class profiles::ntp::client (
|
|||||||
'running',
|
'running',
|
||||||
'stopped'
|
'stopped'
|
||||||
] $wait_ensure = 'running',
|
] $wait_ensure = 'running',
|
||||||
|
Enum[
|
||||||
|
'all',
|
||||||
|
'region',
|
||||||
|
'country'
|
||||||
|
] $use_ntp = 'all',
|
||||||
Boolean $client_only = true,
|
Boolean $client_only = true,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
@ -18,23 +23,25 @@ class profiles::ntp::client (
|
|||||||
# through the profiles::ntp::server class.
|
# through the profiles::ntp::server class.
|
||||||
if $client_only {
|
if $client_only {
|
||||||
|
|
||||||
# if ntp_role is set, find all hosts matching that enc_role
|
$ntpserver_array = $ntp_role ? {
|
||||||
if $ntp_role == undef {
|
undef => $peers,
|
||||||
$ntpserver_array = $peers
|
default => $use_ntp ? {
|
||||||
}else{
|
'all' => query_nodes("enc_role='${ntp_role}'", 'networking.fqdn'),
|
||||||
$ntpserver_array = query_nodes("enc_role='${ntp_role}'", 'networking.fqdn')
|
'region' => query_nodes("enc_role='${ntp_role}' and region=${facts['region']}", 'networking.fqdn'),
|
||||||
|
'country' => query_nodes("enc_role='${ntp_role}' and country=${facts['country']}", 'networking.fqdn'),
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Define the client configuration based on OS family
|
# Define the client configuration based on OS family
|
||||||
if $facts['os']['family'] == 'RedHat' {
|
if $facts['os']['family'] == 'RedHat' {
|
||||||
class { 'chrony':
|
class { 'chrony':
|
||||||
servers => $ntpserver_array,
|
servers => sort($ntpserver_array),
|
||||||
wait_enable => $wait_enable,
|
wait_enable => $wait_enable,
|
||||||
wait_ensure => $wait_ensure,
|
wait_ensure => $wait_ensure,
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
class { 'chrony':
|
class { 'chrony':
|
||||||
servers => $ntpserver_array,
|
servers => sort($ntpserver_array),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -23,7 +23,8 @@ class profiles::proxmox::params (
|
|||||||
'proxmox-ve',
|
'proxmox-ve',
|
||||||
'postfix',
|
'postfix',
|
||||||
'open-iscsi',
|
'open-iscsi',
|
||||||
'frr-pythontools'
|
'frr-pythontools',
|
||||||
|
'ksm-control-daemon'
|
||||||
],
|
],
|
||||||
Array $pve_packages_remove = [
|
Array $pve_packages_remove = [
|
||||||
'os-prober',
|
'os-prober',
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user